[plug] Query about gateway computer settings

Peter demo9 at gswd.com
Fri Mar 25 01:49:41 WST 2011 

On 24/03/11 22:13, Bret Busby wrote:
> On 24/03/2011, Peter<demo9 at gswd.com>  wrote:
>> On 24/03/11 17:13, Bret Busby wrote:
>>> On 24/03/2011, Richard Meyer<meyerri at westnet.com.au>   wrote:
>>>> On Thu, 2011-03-24 at 16:38 +0800, Bret Busby wrote:
>>> <snip>
>>>
>>>
>> Hi Bret,
>>
>> I may be jumping in a little late on this but are you still running
>> debian on the gateway computer?
>>
> Yes.
>
>> If so, (and you therefore have not reloaded Smoothwall or another
>> 'firewall' product), then it may simply be a case of configuring the
>> firewall/routing on the gateway properly.
>>
>> Have you tried using a tool like "Firestarter" to configure the
>> firewall/routing?
>>
>> If not, I would recommend installing firestarter (as a test....
>> smoothwall would be better in the medium term)..
>>
>> Just do "apt-get install firestarter&&  firestarter"  and follow the
>> prompts...
>>
> I had downloaded and installed fwbuilder, but I had wanted to make
> sure that I could access the Internet from the workstation, via the
> gateway computer, before I set up a firewall on that computer..
>
Firestarter is a firewall manager.....   but more importantly, in this 
case, it is designed to make "internet connection sharing" easy!
That's why I recommended it.  If you can get a basic connection 
happening, you can work back from there and tighten up security.

If you are able to access the Net from the gateway machine, and you are 
able to ping the IP address of the gateway machine (LAN) from your 
workstation, then the only bit missing is the internal routing from 
192.168.2.1 -> 10.1.1.1   and that's where firestarter comes in....



>> Note:  Your will likely also need a DHCP server ( dhcp3-server ) loaded
>> &  configured on the gateway machine to allocate addresses to the LAN pc's.
>>
> The LAN computers have static IP addresses, and, as one of the LAN
> computers is the mailserver, I believe that the static IP addresses
> need to be preserved, also for operations such as ftp-ing and
> telnetting between the LAN computers.
>
Hmmm, I guess you could view it like that, but then the combination of 
DHCP & DNS has to be good for something.
I agree that servers in general (file/print/mail/gateway) should have 
static addresses but PC's should be just fine using DHCP.  If you use a 
local DNS server (bind) then you should be able to access PC's using 
their host names.

Hoping this still make sense..... it's almost 2am and I've had a loooong 
day.

P.


>> Cheers,
>> Peter
>>
>

More information about the plug mailing list