ppp0 to internal network
HI I have a SuSE linux server ( firwall, smtp $ www server) tree adapters eth0 - 192.168.1.4 , eth1 196.25.208.26 & ppp0 192.168.1.11 if my users (trusted) dial in to ppp0 they must be able to telnet into my Unix server 192.168.1.80 & I would like to be able to access my Win2k Server via Windows Terminal Client. This is what my firewall2.rc.config looks like. Thanx for any help. ###################################################### FW_DEV_EXT="ppp0" FW_DEV_INT="eth0" FW_DEV_DMZ="eth1" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="" FW_PROTECT_FROM_INTERNAL="yes" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="23" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_DMZ_TCP="25 80 110" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_INT_TCP="21 23 25 53 110 3128" FW_SERVICES_INT_UDP="53" FW_SERVICES_INT_IP="" FW_TRUSTED_NETS="192.168.1.0/24" FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" FW_SERVICE_AUTODETECT="yes" # Autodetect the services below when starting FW_SERVICE_DNS="yes" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="yes" FW_SERVICE_SAMBA="no" FW_FORWARD="" FW_FORWARD_MASQ="" FW_REDIRECT="" FW_LOG_DROP_CRIT="no" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE- FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="no" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="no" # END of rc.firewall FW_ALLOW_FW_TRACEROUTE="yes" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_ALLOW_FW_BROADCAST="no" FW_IGNORE_FW_BROADCAST="yes" FW_ALLOW_CLASS_ROUTING="yes" ################################################################ Andre Vorster Business Print Centre Tel: 012 349 2295 Fax: 012 349 2299
* Andre Vorster;
HI
I have a SuSE linux server ( firwall, smtp $ www server) tree adapters eth0 - 192.168.1.4 , eth1 196.25.208.26 & ppp0 192.168.1.11 if my users (trusted) dial in to ppp0 they must be able to telnet into my Unix server 192.168.1.80 & I would like to be able to access my Win2k Server via Windows Terminal Client.
This is what my firewall2.rc.config looks like.
If eth1 is the webserver reachable from the internet with this configuration is it reachable ? -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
No I had to change this and everyting works I can reach my unix server FW_DEV_EXT="eth1" FW_DEV_INT="eth0 ppp0" FW_DEV_DMZ="eth1" FW_ALLOW_CLASS_ROUTING="yes" If eth1 is the webserver reachable from the internet with this configuration is it reachable ? -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
* Andre Vorster;
No I had to change this and everyting works I can reach my unix server
FW_DEV_EXT="eth1" FW_DEV_INT="eth0 ppp0"
That's what I thought as it sounds reasonable
FW_DEV_DMZ="eth1"
No need it is already defined in FW_DEV_EXT -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
participants (2)
-
Andre Vorster
-
Togan Muftuoglu