Does the traffic go through between two greens?


#1

Today, I woke up with one tip in mind…
I have 3 NICs…
eth0 for WAN
eth1 as LAN (green, 192.168.100.0/24), my Mac is on this LAN
eth2 as LAN (green, 192.168.200.0/24), my Time Capsule as Wi-Fi access point is on this LAN.

My Mac can’t see my Time Capsule…

In NethServer, where there are two NICs as green… does the traffic go through? Do I need to open the firewall or make rules to pass it through?


(Artem Fedai) #2

Dear Jim,

Have a look at /var/log/firewall.log while trying to access from 192.168.100.0/24 to the 192.168.200.0/24 network.
If it appears as dropped, make changes to the Shorewall /etc/shorewall/policy:
loc loc ACCEPT
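
An added example (not part of the original post, and not NethServer's own code): a filter for the log check suggested above, counting DROP/REJECT entries whose source and destination sit in different green subnets. It assumes Shorewall's default log prefix "Shorewall:<chain>:<disposition>:"; the sample log lines and the loc2loc chain name are constructed.

```python
import ipaddress
import re
from collections import Counter

# The two green subnets named in the thread.
LAN1 = ipaddress.ip_network("192.168.100.0/24")
LAN2 = ipaddress.ip_network("192.168.200.0/24")

# Assumed Shorewall default LOGFORMAT ("Shorewall:<chain>:<disposition>:"),
# followed by the kernel netfilter KEY=VALUE fields.
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<verdict>[A-Z]+):")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

# Constructed sample lines, not taken from a real system.
SAMPLE_LOG = """\
Jun  1 10:00:01 gw kernel: Shorewall:loc2loc:DROP:IN=eth1 OUT=eth2 SRC=192.168.100.10 DST=192.168.200.2 LEN=60 PROTO=TCP SPT=50112 DPT=548
Jun  1 10:00:02 gw kernel: Shorewall:loc2loc:DROP:IN=eth1 OUT=eth2 SRC=192.168.100.10 DST=192.168.200.2 LEN=60 PROTO=TCP SPT=50112 DPT=548
Jun  1 10:00:05 gw kernel: Shorewall:net2fw:DROP:IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.4 LEN=40 PROTO=TCP SPT=4444 DPT=23
Jun  1 10:00:09 gw kernel: Shorewall:loc2loc:REJECT:IN=eth2 OUT=eth1 SRC=192.168.200.2 DST=192.168.100.10 LEN=84 PROTO=ICMP TYPE=8 CODE=0
Jun  1 10:00:11 gw sshd[811]: Accepted publickey for root from 192.168.100.10
"""

def side(addr):
    """Return 'lan1', 'lan2' or None for an address string."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return None
    return "lan1" if ip in LAN1 else "lan2" if ip in LAN2 else None

def blocked_between_greens(lines):
    """Count DROP/REJECT entries whose SRC and DST are in different green subnets."""
    hits = Counter()
    for line in lines:
        m = PREFIX.search(line)
        if not m or m["verdict"] not in ("DROP", "REJECT"):
            continue
        f = dict(FIELD.findall(line[m.end():]))
        src, dst = side(f.get("SRC", "")), side(f.get("DST", ""))
        if src and dst and src != dst:
            key = (m["chain"], m["verdict"], f"{src}->{dst}", f.get("IN"),
                   f.get("OUT"), f.get("PROTO"), f.get("DPT", "-"))
            hits[key] += 1
    return hits

if __name__ == "__main__":
    for key, n in blocked_between_greens(SAMPLE_LOG.splitlines()).items():
        print(n, *key)
```

To run it against a live system, pass the lines of /var/log/firewall.log instead of SAMPLE_LOG; the chain name in each hit shows which policy or rule logged the block.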


#3

I have to wait a little; I plan to go away with family for the weekend.
And yesterday I had difficulties configuring the network with a fresh CentOS install…

I will try on Monday.

Why can’t NethServer act as a router by default?


(Artem Fedai) #4

It acts so for the Blue zone and the Orange one, but it is only your case and you should do it by yourself. Sorry, we could not cover all BC.


#5

What is the static route menu for? The doc is very succinct here…


(Artem Fedai) #6

It is impossible to document all use cases :slight_smile: You should use your Brain.


#7

Where do I click to do this? :smiley:


(Artem Fedai) #8


#9

No, this is not working!

I did it another way:
In the firewall objects, I made a CIDR subnet object lan1 and a 2nd object lan2 for the other subnet.

In the firewall rules, I created two rules:

  • accept anything from lan1 to lan2
  • accept anything from lan2 to lan1

It’s working.

Edit: still haven’t found the damned brain module in the left menu :smiling_imp:


(Artem Fedai) #10

Your rules have the same behavior :slight_smile: but mine should change the policy in /etc/shorewall, while this changes the rules file. Still, loc to loc should work.


(Artem Fedai) #11

find changes :slight_smile:


#12

Not sure, because “accept anything from green to green” is not working.

Probably because it can’t make the distinction between one and the other one…


(Artem Fedai) #13

Could you show /var/log/firewall.log while you configure only loc to loc and run the tracert command from one net to the other one? I have no chance to test :frowning:


(Alessio Fattorini) #14

As far as I know, there isn’t any block between two greens. Am I wrong, @davide_marini?


#15

It’s blocked.
It’s not a bad thing in the end (after using the Brain module :wink:); an SME can have distinct LANs to isolate departments like R&D, or a test environment…