Basic Home firewall setup

Flockhammer · October 20, 2017, 8:14pm

NethServer Version: 7.3.1611
Module: Dell R410

I’m looking to use NS as a firewall for my home network. 4 port setup 1 for internet (direct ethernet handoff) and 3 for LAN(1 wired 1 wireless 1 management). I’m having issues getting the red to talk with the green and was wondering if anyone had any suggestions on a basic setup ie firewall policies needed to make all networks speak to one another and any other suggestions on restrictions. I’m used to a Fortigate setup from my work but I’ve never set one off from scratch only troubleshoot issues.

mrmarkuz · October 20, 2017, 8:23pm

Hello @Flockhammer,

I also use FortiGates at work but NS is easier IMO. See the docs:

http://docs.nethserver.org/en/v7/firewall.html

http://docs.nethserver.org/projects/nethserver-devel/en/v7/nethserver-firewall-base.html

What exactly do you want to do? For red to green you may use port forwarding.

Flockhammer · October 20, 2017, 8:31pm

Red is a direct ethernet handoff from the ISP, Green is LAN. Just looking to get the traffic to flow so the LAN has a connection to the internet.

mrmarkuz · October 20, 2017, 8:34pm

This should work by default: Green has access to red.
Can you connect to internet from nethserver? You can test from web UI, menu diagnostics.

Jim · October 21, 2017, 12:45pm

Hi,

Take a look a this bunch of user guides
https://wiki.nethserver.org/doku.php?id=user_guides

Flockhammer · October 21, 2017, 2:36pm

It is pulling a public IP but I’m still not able to access the internet or ping the red interface from any attached equipment. I’ve tried adding some any any policies but still no luck.

Heres a look at the current setup.
em1 LAN side for Linksys router
em2 Internet connection
ptp1 NA
ptp2 managment connection

Jim · October 21, 2017, 2:55pm

With any computer… put a fixed ip adress 192.168.15.1/24 and the gateway 192.168.15.0 and connect it directly on em1

And try pinging google 8.8.8.8

Flockhammer · October 21, 2017, 3:07pm

that worked for my laptop. So what about trying to go to a linksys router? Would I need to do the same or is there a to use DHCP from the firewall?

Flockhammer · October 21, 2017, 4:01pm

I have everything working now! thanks for the help. In the end, I just setup the Linksys connected to the r410 with a static route and everything started passing traffic.

Jim · October 21, 2017, 4:39pm

You have two choice:

doing like as you did: in this case, the dlink has a fixed ip adress and probably doing the DHCP service for your LAN clients.
another way should be to configure a DHCP service on em1 and configure your dlink in bridge mode and dhcp client.

Try to “map” your network, after,it’s easier to choose “where” to put services like DNS, DHCP, NTP…