Setup Configuration
-
I am having a little bit of a challenge and I was wondering if I could get a few hints on where to look. What we have is a network for a test network.
The setup is we have a line running from the corporate network into our server. Our server has 3 network cards in it: RE0 = WAN (172.16.2.135 static DHCP), RL0 = LAN (I named it ServerNet), RL1 = Opt1 (I named it LABNet1). The WAN is set up by DHCP from the main network. The other two I configured their IPs to be 10.0.1.1 (ServerNet) and 10.0.2.1 (LabNet1). I want to run DHCP so I have it set to do 10.0.1.1/24 and 10.0.2.1/24.
The problem is I can't get LabNet or ServerNet to connect to the internet at all. I am really lost as to why I can't get them connected at all. I tried to set up the NAT and then I could get connected to the internet, but none of the rules appear to be working. I need the ServerNet and LabNet to see each other. But I want to set up rules (like use a proxy) on the LabNet but not on the ServerNet. Help?
-
Most likely it is the WAN option to block private IPs, though there are other possibilities as well. What have you done to the box so far?
-
Thank you for your reply.
I have removed the option in the past to block all of the private IPs and the bogons. I have toyed with various firewall rules to allow all traffic outside.
I configured the gateways to point to the main IP for each of the interfaces. I tried to set up a static route for everything to get to the gateway of the corporate network (172.16.2.1) and am still not getting anything. Eventually I set up another test box and configured just the WAN and LAN interfaces. I set up the outbound NAT and in it I configured everything to be any for protocol, source, destination, and for the translation I set the address to be the "Interface address". This will get me on the internet. However, I am wondering if I am doing this right.
I assume I have to set NAT. Does this mean that I won't be able to see the 10.0.1.1 network from the 10.0.2.1 network? What about the firewall rules and setting up the proxy server on the 10.0.2.1 network?
Again I am extremely grateful for the help.
-
It is better to get each network segment working to the internet, then you can work on getting them to talk to each other. Basically it is rules and a lack of NAT for each network to talk to each other. Without knowing what rules you have set, what NAT you have set, and the packages you have installed, it becomes a guessing game for us. LAN is going to have a default allow rule, but any OPT interfaces will not. If you have not created a rule there, then OPT interfaces will not have internet or any access.
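
The point made in the last reply, written out as equivalent rules in FreeBSD pf.conf syntax. This is an added illustration, not a ruleset posted by anyone in the thread and not what the firewall's GUI generates; the interface names and addresses come from the first post, while the macro names and the /24 network addresses derived from those interface IPs are assumptions.

```pf
# Constructed example. Interface names and addressing are from the thread;
# macro names are hypothetical.
wan_if  = "re0"           # WAN, 172.16.2.135 on the corporate network
srv_if  = "rl0"           # LAN / ServerNet, interface address 10.0.1.1
lab_if  = "rl1"           # OPT1 / LabNet1, interface address 10.0.2.1
srv_net = "10.0.1.0/24"
lab_net = "10.0.2.0/24"

# Outbound NAT applies only to packets leaving through the WAN interface,
# so both internal subnets reach the internet behind the WAN address.
# Nothing is translated between rl0 and rl1.
nat on $wan_if inet from { $srv_net, $lab_net } to any -> ($wan_if)

# Default deny on every interface. An OPT interface with no pass rule
# stops here, which is why LabNet1 gets no internet "or any access".
block in log all
pass out all keep state

# The LAN interface ships with the equivalent of this default allow rule.
pass in on $srv_if inet from $srv_net to any keep state

# OPT1 has no such rule until one is created. This single rule covers both
# internet access and LabNet1 -> ServerNet, because routing between the two
# internal interfaces needs filter rules but no NAT.
pass in on $lab_if inet from $lab_net to any keep state
```

Because each interface has its own inbound rule, the LabNet1 rule can later be tightened (for example, to force traffic through a proxy) without changing what ServerNet is allowed to do.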