-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Goran Poprzen wrote: > BTW, here is what IPCop's "orange mantra" says: > > . Orange must be on a separate physical wire from Green (not on same > hub/switch) Check > . Orange must be on a separate logical subnet. Check > . Orange cannot send nor respond to ICMP. (ie., PING). I disagree with this. I am not sure why so many people have a thing against echo-reply. It can save much time and effort when troubleshooting (not all ICMP types are benign, but disabling all ICMP is amateurish at best). > . Orange must always use ISP DNS for name resolution. Yup, it does, just not the same ISP that is used for Green Internet access. > . Orange must always point to the IPCop Orange interface as its gateway. Ah, this does not suit the environment. I will manually add the routes required for green access and try again. > . Orange can be accessed from Green ONLY by it's internal IP address > unless /etc/hosts on IPCop is editted. Orange hosts only have 1 interface. > . Orange cannot access Green unless pinholes are opened. That is the point of a DMZ > . Orange can be port-forwarded to in exactly the same manner as Green. > > I solved my problem with fourth point :) It does not look like ipcop will work the way I need in this case. Thanks for your reply. I suppose I should not have overused google and spent more time with their site directly. > > On 7/4/06, *Goran Poprzen* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > When I setup my web server on orange interface, I had different > problem: wasn't able to access internet from the box. Problem was > that dns pointed to ipcop - had to be pointed to shaw dns servers. > Regarding your problem there is a thread on > > http://www.ipcops.com/index.php?name=PNphpBB2&file=viewtopic&t=6817&sid=ffcefba9889cd835e4a96b44b7a85493 > > <http://www.ipcops.com/index.php?name=PNphpBB2&file=viewtopic&t=6817&sid=ffcefba9889cd835e4a96b44b7a85493> > > I didn't go deep into this, you should check it. Hope this helps. > > > On 7/4/06, *Gustin Johnson* < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Does anyone here have much experience with ipcop and an Orange > (DMZ) > interface? The problem I am having is that one of the file > servers is > in the DMZ, but none of the hosts in the green network can > access the > file server (either with ping/icmp or by mounting drives as usual). > > I have disabled all but the openvpn plugins. > > Any ideas? _______________________________________________ clug-talk mailing list [email protected] <mailto:[email protected]> http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines ( http://clug.ca/ml_guidelines.php) **Please remove these lines when replying > ------------------------------------------------------------------------ > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEq90OwRXgH3rKGfMRAjx/AJ4v6Ct5yymDs7yILfu7WrcSgoB2qACfYL5s OXYt5eYxtq5jmLHQ0uklgDQ= =pyaw -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
