- Posts: 3
- Thank you received: 0
Ipcop: use the blue interface as a second green
18 years 1 month ago #15759
by bicio30
Ipcop: use the blue interface as a second green was created by bicio30
like object, how can i modify the blue interface to act as a second green?
i would to use 2 ip classes (e.g. 192.168.0.0/24 and 192.168.1.0/24) to share everything toghether, but on the old blue interface not give red access...
now i have copfilter installed, but my idea is to reinstall and use ipcop 1.4.10 whitout any addons....
thank a lot for any answers...
Bicio.
i would to use 2 ip classes (e.g. 192.168.0.0/24 and 192.168.1.0/24) to share everything toghether, but on the old blue interface not give red access...
now i have copfilter installed, but my idea is to reinstall and use ipcop 1.4.10 whitout any addons....
thank a lot for any answers...
Bicio.
18 years 1 month ago #15777
by DaLight
Replied by DaLight on topic Re: Ipcop: use the blue interface as a second green
Welcome to firewall.cx, bicio30.
Yes, you can use your BLUE interface as a second GREEN. By default access to RED from BLUE is blocked as is access to GREEN from BLUE. As you do not want access to RED from BLUE, we only need to figure out how to grant access to GREEN from BLUE. The following link gives the default settings for traffic between IPCOP interfaces. You can do this using any of the following methods:
1. DMZ Pinholes (Look here )
2. VPN from BLUE to GREEN (Look here and here )
The first method requires you to specify access for individual ports without a need to make changes on client machines on BLUE. Using the second method, full access can be granted to all machines on BLUE, but VPN settings will need to be configured on the machines.
Yes, you can use your BLUE interface as a second GREEN. By default access to RED from BLUE is blocked as is access to GREEN from BLUE. As you do not want access to RED from BLUE, we only need to figure out how to grant access to GREEN from BLUE. The following link gives the default settings for traffic between IPCOP interfaces. You can do this using any of the following methods:
1. DMZ Pinholes (Look here )
2. VPN from BLUE to GREEN (Look here and here )
The first method requires you to specify access for individual ports without a need to make changes on client machines on BLUE. Using the second method, full access can be granted to all machines on BLUE, but VPN settings will need to be configured on the machines.
18 years 1 month ago #15787
by bicio30
Replied by bicio30 on topic Re: Ipcop: use the blue interface as a second green
first of all, thanks for the reply!!!
yes, reading the ipcop manual i've understood the first methode, with DMZ pinholes.
the second for me is too invasive for the other machines in blue, so i tried with pinholes.
if i set pinholes for tcp and udp ports from 1 to 65535 can i access from one to the other like a big net??
i tried, but without success...
i also will try to install ipcop in another machine to make some test, because i had problems with my actual firewall machine in the very first setup (i had to update the bios to make 3 nics working).
i will try and repost..
thanks again.
Bicio.
yes, reading the ipcop manual i've understood the first methode, with DMZ pinholes.
the second for me is too invasive for the other machines in blue, so i tried with pinholes.
if i set pinholes for tcp and udp ports from 1 to 65535 can i access from one to the other like a big net??
i tried, but without success...
i also will try to install ipcop in another machine to make some test, because i had problems with my actual firewall machine in the very first setup (i had to update the bios to make 3 nics working).
i will try and repost..
thanks again.
Bicio.
18 years 1 month ago #15807
by DaLight
Replied by DaLight on topic Re: Ipcop: use the blue interface as a second green
I agree that you need to ensure that all the NICs are working properly. Did you specify the ranges in this format?
[code:1]1:65535[/code:1]
I'm sure you realise that the Pinholes need to setup in one direction only, as GREEN to BLUE is open by default.
[code:1]1:65535[/code:1]
I'm sure you realise that the Pinholes need to setup in one direction only, as GREEN to BLUE is open by default.
18 years 1 month ago #15817
by bicio30
Replied by bicio30 on topic Re: Ipcop: use the blue interface as a second green
yes, i agree...
from green to blue i had problems, so i try to install in another machine.
yes, the format of port range is that (if not, ipcop gives me an error)
now the firewall is on thin compaq client.
i think (ehm, i hope) to resolve with a new installation in a standard machine.
thank a lot again!!!
Bicio.
from green to blue i had problems, so i try to install in another machine.
yes, the format of port range is that (if not, ipcop gives me an error)
now the firewall is on thin compaq client.
i think (ehm, i hope) to resolve with a new installation in a standard machine.
thank a lot again!!!
Bicio.
Time to create page: 0.129 seconds