Hello all,
We are looking to retire our ancient PIX box at the colo and replace it with
Shorewall, which we've been successfully using (along with OpenVPN) at the
headquarters for quite a while.
However, I'm missing something basic in the config. I have the base
configuration set up, but cannot seem to get our routed IPs to be picked up.
Here is the basic config:
We have a block of addresses, 66.x.x.128/28, which are routed through
64.x.x.150/29.
I set up eth0 to be the 64.x.x.150 address, with the gateway of 64.x.x.145.
I set up eth1 to be 192.168.x.1.
In /etc/shorewall/zones, I set up three zones:
    loc
    net
    net1
In /etc/shorewall/interfaces, I defined:
    loc eth1
    net eth0
In /etc/shorewall/hosts, I defined:
    net1 eth0:66.x.x.128/28
In /etc/shorewall/masq, I defined:
    eth1 eth0
With this setup, I can get out to the internet from the 192.168.x.x
network. However, I'm missing something with the routed IPs. I can't seem
to figure out how to define them on the server so that Shorewall can use
them and then later set up DNAT definitions from the 66.x.x.128 network to
the 192.168.x.x network.
I apologize if I left anything out, or if this doesn't make much sense.
I've been working on this for a while, and just got done poring over the
documentation. Any tips or info is much appreciated. Thanks!
Greg Gowins
_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users