Hello,

I'm new to Vyatta and to configuring routers. I am trying to set up a router between our production network and a computer lab. It needs to allow only RDP, SSH and FTP connections from the production network to computers inside the lab, and it needs to block all traffic from the lab network to the production network.

I normally would use a firewall/NATed router to connect the two and forward connections to single computers, but the lab has grown too large for this and we just need routing without NAT.

Here is the config file so far. I know I have a lot more work to do, so any pointers would be greatly welcomed. Also, the first route, left over from when I was going through the guide, looks to me like it needs to come out.

/*XORP Configuration File, v1.0*/
/* Static routing: a single default route (0.0.0.0/0) is configured. */
protocols {
    static {
        disable: false
        /* NOTE(review): the next hop below, 10.10.7.199, is the same address
           this config assigns to eth0, so the default route points back at
           the router itself rather than at an upstream gateway. The poster
           already suspects this route should be removed. */
        route 0.0.0.0/0 {
            next-hop: 10.10.7.199
            metric: 1
        }
    }
}
/* The policy section is empty. */
policy {
}
/* Interface addressing: eth0 faces the production network, eth1 faces the
   lab, eth2 is disabled.
   NOTE(review): no firewall rule set is attached to any interface in this
   section, so as written nothing here filters traffic forwarded between
   eth0 and eth1 in either direction. */
interfaces {
    restore: false
    loopback lo {
        description: "loopback"
        address 172.16.0.1 {
            prefix-length: 32
            disable: false
        }
    }
    /* Production side: 10.10.7.199 with a /21 prefix. */
    ethernet eth0 {
        disable: false
        discard: false
        description: "interface 1 production network"
        hw-id: 00:0e:0c:b8:4d:12
        duplex: "auto"
        speed: "auto"
        address 10.10.7.199 {
            prefix-length: 21
            disable: false
        }
    }
    /* Lab side: 10.20.0.1 with a /24 prefix. */
    ethernet eth1 {
        disable: false
        discard: false
        description: "Interface 2 lab network"
        hw-id: 00:0e:0c:b8:4c:65
        duplex: "auto"
        speed: "auto"
        address 10.20.0.1 {
            prefix-length: 24
            disable: false
        }
    }
    /* Third NIC: disabled and has no address assigned. */
    ethernet eth2 {
        disable: true
        discard: false
        description: ""
        hw-id: 00:16:17:6c:7b:d9
        duplex: "auto"
        speed: "auto"
    }
}
/* Management services running on the router itself: SSH and the web GUI.
   NOTE(review): nothing in this config limits which network can reach these
   services. Confirm that hosts on the lab side (eth1) cannot reach the
   router's management ports once filtering is in place. */
service {
    ssh {
        port: 22
        protocol-version: "v2"
    }
    /* NOTE(review): the web GUI is configured on plain HTTP (port 80) as well
       as HTTPS (port 443). Presumably a login over port 80 is sent
       unencrypted; verify, and prefer HTTPS only for administration. */
    webgui {
        http-port: 80
        https-port: 443
    }
}
/* Global firewall settings only. This section defines no rule sets, so the
   stated goal (only RDP, SSH and FTP from production to the lab, nothing
   from the lab to production) is not yet enforced by this config.
   NOTE(review): when the rules are written, replies to connections opened
   from production still have to get back out of the lab, so "block all lab
   to production traffic" needs to apply to new connections rather than to
   every packet. FTP also opens a separate data connection, so check that it
   works through the final rule set. */
firewall {
    log-martians: "enable"
    send-redirects: "disable"
    receive-redirects: "disable"
    ip-src-route: "disable"
    broadcast-ping: "disable"
    syn-cookies: "enable"
}
/* System identity, time source, local accounts and package repository. */
system {
    host-name: "dev-rt-10-20-0-0"
    time-zone: "GMT"
    /* A single NTP server, given by IP address. */
    ntp-server "69.59.150.135"
    /* NOTE(review): the root and vyatta accounts carry the identical
       encrypted-password string, so both have the same password. The "$1$"
       prefix is the MD5-crypt format, and the salt field between the second
       and third "$" is empty. Identical unsalted hashes on both accounts
       suggest an installation default (confirm). The hash has also been
       published with this post, so set new, distinct passwords on both
       accounts before the router carries traffic. */
    login {
        user root {
            full-name: ""
            authentication {
                encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh."
            }
        }
        user vyatta {
            full-name: ""
            authentication {
                encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh."
            }
        }
    }
    /* NOTE(review): the repository URL uses plain http. Whether packages are
       signature-checked independently of the transport is not visible here;
       verify before relying on auto-sync. */
    package {
        auto-sync: 1
        repository community {
            component: "main"
            url: "http://archive.vyatta.com/vyatta";
        }
    }
}


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "[EMAIL PROTECTED]:[EMAIL PROTECTED]:[EMAIL PROTECTED]:[EMAIL PROTECTED]:[EMAIL PROTECTED]:[EMAIL PROTECTED]:[EMAIL PROTECTED]" === */


I have attached a graphic of what I'm trying to do...




<<attachment: dev-rt-10-20-0-0.png>>
