very interresting. thank you very much for the ORANGE explaination.
just to be sure, by uplink cable, do you talk about a cross-cable used for 
linking two computer without hub ? In french, we just call it a "cable 
croisee" because some wire are crossed in it. but maybe I'm wrong and you 
talk about something else.

On Monday 09 June 2003 20:20, Kevin Anderson wrote:
> I will be easier to link 2 hubs.  If one of the hubs doesn't have an
> uplink/crossover port, then link them with an uplink cable.  It'll be less
> than $10, and FAR less hassle than having 2 Green NICs in your IPcop box.
>
> Orange is for a DMZ.  That's when you want to have a server that is
> accessible to the internet (a web server, for example) so you need to allow
> people to connect to it.  By allowing people to connect to it, it is
> possible that it will be compromised.  A DMZ will allow a situation where a
> compromised machine still has no access to the internal network.  You might
> lose 1 server, but that's all you'd lose, because the boxes in the DMZ will
> not have any better access to your internal network than anything else on
> the Internet.  Orange is "semi-protected".
>
> Kev.
>
>
>
>
> ----- Original Message -----
> From: "Mathieu Jobin" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, June 09, 2003 7:18 PM
> Subject: Re: (clug-talk) Need help with IP Cop at work - NIC issue
>
> > anyone have tried to install two GREEN card under IPcop ?
> >
> > im not sure to understand whats a ORANGE card, ... but what i need to do,
>
> is
>
> > to output two network card to two hub. i think it could be easier to link
>
> the
>
> > hubs together and my hubs dont have this feature. so i need to link it by
>
> a
>
> > PC. so ? does IPCop can have on red card and two green card ?
> >
> > thanks
> >
> > On Monday 09 June 2003 17:38, Shawn Grover wrote:
> > > Thanks Kevin.  I considered using a card from home, unfortunately, I
>
> have
>
> > > DLinks myself (except for the SMC in MY router).  So the issue still
> > > exists. We'll be getting an SMC soon, had a situation where it either
>
> got
>
> > > resolved last night, or it had be back in it's original state for today
>
> (a
>
> > > couple of online demos were/are scheduled for today and the next couple
>
> of
>
> > > days).  So, we're back to the way we were, until I can get the firewall
> > > built right. Maybe next weekend.
> > >
> > > Thanks for the tip on the aliasing.
> > >
> > > Shawn
> > >
> > > -----Original Message-----
> > > From: Kevin Anderson [mailto:[EMAIL PROTECTED]
> > > Sent: Monday, June 09, 2003 11:58 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: (clug-talk) Need help with IP Cop at work - NIC issue
> > >
> > >
> > > Why not blow $20 on a card out of your pocket?  Then you'll have all
> > > the different cards.  Heck, you could probably just trade it for one
> > > you
>
> have
>
> > > at home/work already, and not spend a dime.  You'll more than make up
>
> for
>
> > > the $20 when you follow this project up with a cost savings analysis,
>
> and
>
> > > get a bonus for it...
> > >
> > > Aliasing the red interface is available from the Web Interface.
> > >
> > > Kev.
> > >
> > >
> > >
> > > ----- Original Message -----
> > > From: "Shawn" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> > > Sent: Sunday, June 08, 2003 9:25 PM
> > > Subject: RE: (clug-talk) Need help with IP Cop at work - NIC issue
> > >
> > > > Thanks for the reply.  The MAC addresses would only apply if I can
> > > > get the manual config working for the PCI cards.  I don't have the
> > > > info I need to
> > >
> > > do
> > >
> > > > the manual config (i.e. what options need to be specified, how do I
>
> find
>
> > > the
> > >
> > > > values for those options, etc.).
> > > >
> > > > Thus far, I have the Red and Green interfaces running.  I think I'll
>
> be
>
> > > able
> > >
> > > > to convince the boss to buy an SMC card at which point we'll have 3
> > > > different NICs.  However, this means a delay in implementing the
> > > > firewall.
> > > >
> > > > On a different note, does anyone have any suggestions on how to
> > > > handle the IP addressing in our case?  We have 8 static addresses
> > > > with about
>
> 5
>
> > > > of
> > >
> > > them
> > >
> > > > in use right now.  These 5 are fairly important (mailserver, web
>
> server,
>
> > > > VPN, etc.) and shouldn't change.  Is there any way we can make IPCop
> > > > recognize all the addresses on the external interface (aliasing I
>
> guess),
>
> > > > and be able to route according to what address is used?  My
> > > > experience
> > >
> > > with
> > >
> > > > IPCop suggests I can only use the default address of the Red
> > > > interface for determining routing.  I'd rather not have to put in a
> > > > hub that
>
> would
>
> > > connect
> > >
> > > > all our public boxes directly to the DSL modem (I'd rather they were
>
> on
>
> > > the
> > >
> > > > DMZ and accessed through the firewall).  But, I haven't had a need
> > > > (or the resources) to setup an Orange interface before (for myself
> > > > that
>
> is),
>
> > > > so
> > >
> > > I'm
> > >
> > > > sure I'm missing something.  More reading coming down the pipe, I can
> > >
> > > tell.
> > >
> > > > Thanks again for the input.
> > > >
> > > > Shawn
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Neil Bower [mailto:[EMAIL PROTECTED]
> > > > Sent: Sunday, June 08, 2003 8:39 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Re: (clug-talk) Need help with IP Cop at work - NIC issue
> > > >
> > > >
> > > > Hi Shawn,
> > > > As far as I know ou can still do manual configs on the PCI cards.
> > > >
> > > > This is somethng I posted earlier in the week that can help if you're
> > >
> > > using
> > >
> > > > the same type of cards.
> > > >
> > > > I installed IPCop using 3 NICS (all 3-Com)
> > > > 1 - 10mb/s ISA Card and 2 -10/100 PCI Cards. The installation went
>
> fairly
>
> > > > well
> > > > and had no issues with the installation discovering the ISA Card - it
> > > > actually detected that one first. Being as the ISA Card is used on
> > > > the red zone, it actually helped with eliminating which card wasn't
> > > > to be used for the green zone.  Not related to your problem, but may
> > > > help
>
> later
>
> > > > in the installation is to make sure you record the MAC addresses of
>
> the
>
> > > > cards as you
> > > > put them in the box. Once your installation is finished, login to the
> > > > console
> > > > and check the output of the ifconfig. Based on the MAC addresses and
>
> the
>
> > > IP
> > >
> > > > addresses, it'll be easy to know which cards to connect to which
>
> zones.
>
> > > > Hope this helps,
> > > >
> > > > Neil
> > > >
> > > > On Sunday 08 June 2003 18:28, Shawn Grover wrote:
> > > >  >At work, we have a need to revise our network wiring/architecture.
> > > >  > I've convinced the power's that be to try out IP Cop for our
>
> firewall,
>
> > > instead
> > >
> > > >  > of the multiple Windows ISA servers we have now - the selling
> > > >  > point was that IP Cop is much easier to manage than ISA.  However,
> > > >  > I'm in the process of building the IPCop box now, and am having
> > > >  > problems
>
> with
>
> > > >  > the network cards.
> > > >  >
> > > >  >I don't have the luxury of having 3 distinct models of NICs (we're
> > > >  > doing
> > >
> > > a
> > >
> > > >  >red-orange-green setup).  The best I have is one or more DLink
> > > >  > 538s, and
> > >
> > > a
> > >
> > > >  >single DLink 530.  The probe feature detects these models with
> > > >  > different drivers, which is good, but I need to configure two (or
> > > >  > three) 538s.
> > >
> > > The
> > >
> > > >  >documentation I've looked at indicates I should select a manual
> > > >  >configuration, and specify the options I need for the cards -
>
> however,
>
> > > > this
> > > >
> > > >  >documentation specifically deals with ISA cards.  Can anyone tell
> > > >  > me
> > >
> > > what
> > >
> > > >  >options I need to set for PCI cards?  And where do I find the
>
> details
>
> > > for
> > >
> > > >  >each card? (I can dig out the drivers disk if needed, but for PCI I
> > > >  > normally don't need them).
> > > >  >
> > > >  >Thanks in advance.  If I can get this working, I think I can get
> > > >  > the company moving towards Linux more (not that we've ever been
> > > >  > opposed
>
> to
>
> > > >  > it...).
> > > >  >
> > > >  >(I'll buy a beer for who ever comes up with the answer - probably
> > > >  > at the install fest in a couple of weeks).
> > > >  >
> > > >  >Shawn

Reply via email to