NethServer Version: 7.6.1810 Module: Basic Firewall
--------- Ignore this, I Gave up on firewall & moved on. --------
Not in a panic, I have a lot more learning to do.
I have a 4-port NIC on the PCIe bus plus a Motherboard NIC
I have equipment running on a switch plugged into the router.
My plan is to have the 4-port NIC be the firewall Red-Orange-Blue-Green and NS7.6 run the Motherboard NIC plugged into the Orange port.
I plan to reinstall NS with the PCIe 4-port card enabled and the Motherboard NIC disabled. Then after the firewall is up I enable the Motherboard NIC and plug it into the Orange port. I want it to mimic separate machines for firewall - email - ftp and all. Part of my KISS logic. Am I wrong here. My first attempt installing NS with the motherboard NIC left two Green zones & errors.
Also my AT&T router is set at 192.168.1.254 firewall enabled.
So NS7.6 = 192.168.1.10 RED with port passthrough
192.168.2.0/24 Orange Zone
192.168.3.0/24 Blue Zone
192.168.4.0/24 My internal Green zone separate from the router.
Once it is working I’ll move my switch over to it.
Sound Silly?
I would not disable NIC on motherboard. IMHO not necessary during setup phase…
Appendix: be sure to know all the mac addresses of your network cards, helps a lot during the setup.
Ive reinstalled a dozen times, each time trying something new. It always sets the motherboard nic as my green zone. I get errors if i try to create a second green zone using the 4p card which is where i want it. Cant delete my only green zone either. But i should repeat it a few times to be sure. I know my MAC addresses.
Dozen is “a lot”.
Recently I made an HDD-transfer from old scapegoat (AMD Athlon64 LE-1660 with 4gb of ram to Core 2 Duo E6600), for try to improve a bit the performance. Two (of four) cards were transferred from old to new pc, but i had to remap roles and interface on new interface.
All the new lan cards were zoned into a “green bridge”, then i changed the role once i connected the green interface where i wanted to.
I think that you should be able to do the same thing on your setup, choosing the port on your 4port Lan which should become the “Green” one, therefore… connect it to the “remote console” pc, which you’ll use to continue the setup of your NethServer.
Dozen is nothing for me - I have to learn the hard way. Besides a firewall behind a firewall is silly even if it is a transition. Firewall wasnt my main intent. Email Cloud and Zoneminder are all I care about. not going to eliminate the router although I do remember an option to disable the router’s firewall.