I have been quite smitten by SecureMandrake. I have downloaded RC1 and
have tried to use it with three NICs. Here are some of my experiences.
1. It took me a while to realize that RC1 was available, as the only links
on http://www.linux-mandrake.com/en/ftp.php3 are for the older i386
version.
2. I am continually getting messages (on IE but only once/session on
Netscape) that the security certificate has expired. I wonder if I am
doing something wrong as I see no mention of this in the archives (thanks
for posting the link). I also had this with the Beta 4 version.
3. I have a very odd thing that I do not understand. This occurs both
on a Mac and on a PC. If I set the clients to do DHCP and leave the DNS
entry blank then everything is fine with the firewall. But if I manually
enter the IP number of the DNS then DNS fails and I can only browse by IP
number and not by domain name. Oddly this is also true if I configure
both the Mac and PC with static IP numbers (i.e. leaving DNS blank works,
adding DNS entries breaks the DNS service). All this time I can log onto
the firewall with ssh and use lynx to browse either by IP number or by
domain name.
4. Although I know that a DMZ is not supported I thought I might be able
to do a poor man's DMZ by adding the third NIC. I got RC1 to recognize all
the cards and set up a Sparc to talk to the "DMZ" NIC. The Sparc can ping
the firewall NIC, and the routing table indicates that the eth2 (DMZ)
interface gets the 192.168.2.0/24 traffic. I can ping the Sparc at
198.168.2.56. But if I redirect incoming HTTPD traffic to 198.168.2.56 I
do not see any activity on the eth2 interface.
Thanks for your help.