Hi, and thank you Aubrey for your answer.
 
For this config, can I create rules that give access to a range of addresses, like
A.B.C.64-94?
 
In rule 10:
source {
        range{
               start: "A.B.C.64"
               stop: "A.B.C.94"
                }
}
 
In rule 20:
inside-address {
        range{
               start: "A.B.C.64"
               stop: "A.B.C.94"
                }
}
 
Also, is there a way to avoid losing access to the Vyatta itself?
Will I still be able to reach A.B.C.95?
The Vyatta box is connected to E.F.G.17/30 (WAN side, Internet)
and to A.B.C.64-94 (internal side, public web service).
----------------------------------------------------------------------------
----------
 
    protocols {
        static {
            disable: false
            route 0.0.0.0/0 {
                next-hop: E.F.G.17
                metric: 1
            }
        }
    }
    policy {
    }
    interfaces {
        restore: false
        loopback lo {
            description: ""
            address 10.0.0.65 {
                prefix-length: 32
                disable: false
            }
        }
        ethernet eth0 {
            disable: false
            discard: false
            description: ""
            hw-id: 00:30:f1:42:04:c3
            duplex: "auto"
            speed: "auto"
            address E.F.G.18 {
                prefix-length: 24
                disable: false
            }
        }
        ethernet eth1 {
            disable: false
            discard: false
            description: ""
            hw-id: 00:30:f1:42:05:e8
            duplex: "auto"
            speed: "auto"
            address A.B.C.95 {
                prefix-length: 24
                disable: false
            }
        }
    }
    service {
        nat {
            rule 10 {
                type: "source"
                outbound-interface: "eth0"
                protocols: "all"
                source {
                    address: "A.B.C.64"
                }
                destination {
                    network: "0.0.0.0/0"
                }
                outside-address {
                    address: E.F.G.18
                }
            }
            rule 20 {
                type: "destination"
                inbound-interface: "eth0"
                protocols: "all"
                source {
                    network: "0.0.0.0/0"
                }
                destination {
                    address: "E.F.G.17"
                }
                inside-address {
                    address: A.B.C.64
                }
            }
        }
        ssh {
            port: 22
            protocol-version: "v2"
        }
        telnet {
            port: 23
        }
        webgui {
            http-port: 80
            https-port: 443
        }
    }
    firewall {
        log-martians: "enable"
        send-redirects: "disable"
        receive-redirects: "disable"
        ip-src-route: "disable"
        broadcast-ping: "disable"
        syn-cookies: "enable"
    }
    system {
        host-name: "rt01-estephe"
        domain-name: "xxxxx.net"
        name-server 80.118.192.100
        name-server 80.118.196.36
        time-zone: "GMT+1"
        ntp-server "0.fr.pool.ntp.org"
        ntp-server "1.fr.pool.ntp.org"
        gateway-address: E.F.G.17
        login {
            user root {
                full-name: ""
                authentication {
                    encrypted-password: "---"
                    plaintext-password: ""
                }
            }
            user --- {
                full-name: "Regis"
                authentication {
                    encrypted-password: "---"
                    plaintext-password: ""
                }
            }
        }
        package {
            auto-sync: 1
            repository community {
                component: "main"
                url: "http://archive.vyatta.com/vyatta"
            }
        }
        options {
            reboot-on-panic: true
        }
    }

 

Thank you again for the answer.

 

Régis BOULINEAU

----------------------------
