Hi
I think there are a few misunderstandings here…
I don’t think
If NethServer is not your firewall, why is one interface red?
You could have two green, if you only need 2 networks…
I have detached red so forget red
I have only 1 cable on green interface
NETH|<--green->SWITCH<->FIREWALL<->ISP ROUTER
If you need 2 networks, it is better to let your router do that.
My main lan is 192.168.1.x
Firewall can manage IPSEC remote user or SSL VPN user so they can be reflected on the main LAN but with a different IP
IPSEC 192.168.100.x
SSL 192.168.200.x
____________________REMOTEUSER
|
NETH|<--green->SWITCH<->FIREWALL<->ISP ROUTER
If not firewall, why 2 network interfaces, AND one of the two is RED?
Forget RED it is not the focus
If it IS acting as firewall, red MUST point to the internet.
And red will not accept connections…
Connections flow to neth via GREEN
You contradict yourself within two sentences:
“Everything is working” (Then why this post?)
No, this is the first part of a sentence, but I explain well
AD and SAMBA are actually working in LAN when reached by 192.168.1.x
“My firewall manage VPN AND inside the lan I can have IP of 192.168.100.x that try to reach 192.168.1.x”
(Try to reach? Meaning it’s NOT working?)
Any external machine that has 192.168.100.x (if connected with IPSEC) or 192.168.200.x (SSL VPN) can reach any machine inside the LAN, for example 192.168.1.35 (an http server), but NETH, which has IP 192.168.1.41, can’t be reached on any of its ports (http, http-admin, samba, etc.) by an IPSEC or SSL VPN machine.
My question is “Is there something that discards packets on NETH?” I think the answer is YES; how do I enable 192.168.100.x to reach NETH services? My concern is also on AD: in NETH it is created using a wizard and results in another IP, 192.168.1.40