Is the traffic go through two green?

Today, I wake up with one tip in mind…
I have 3 nics…
Eth0 for Wan
Eth1 as lan ( green 192.168.100.0 / 24 ), my Mac is on this Lan
Eth2 as lan ( green 192.168.200.0 / 24 ), my Time Capsule as Wifi Access Point is on this Lan.

My Mac can’t see my Time Capsule…

In Nethserver where there’s two Nics as green…Is the trafic go through? Did I need to open the firewall or make rules to passthrough?

Dear Jim ,

Have a look to /var/log/firewall.log , while trying to access from 192.168.100.0 / 24 to 192.168.200.0 / 24 network .
It it appears drop , make changes to shorewall /etc/shorewall/policy:
loc loc ACCEPT

I have to wait a little, with family I plan to go away for the week-end.
And yesterday I have difficulties to configure the network with a fresh Centos install…

I will try monday

Why Nethserver can’t act as router by default?

it acts by Blue zone and Orange one, but it is only your Case and you should do it by yourself. Sorry all BC we could not cover.

What is the static route menu for? the doc is very succinct here…

It is impossible to document all user cases :slight_smile: you should use your Brain.

1 Like

Where to click to do this ? :smiley:

1 Like

No, this is not working !

I made it in other way:
In the firewall object. I made a CIDR subnet object lan1 and a 2nd object lan2 for the other subnet.

In the firewall rules, I create two rules,

  • accept anything from lan1 to lan2
  • accept anything from lan2 to lan1

It’s working

Edit: still not find the damned brain module in the left menu :smiling_imp:

you rule have the save behavior :slight_smile: but my should change policy in /etc/shorewall but this change rules file , still loc to loc should work

find changes :slight_smile:

Not sure, because “accept anything from green to green” is not working.

Probably because it can`t make the distinction between one and the other one…

could you show /var/log/firewall.log while you configure only loc to loc and make tracert command from 1 net to other one ? I have no chance to test :frowning:

As for as I know there isn’t any block between two green. Am I wrong @davide_marini?

It’s blocked.
It’s not a bad thing finally ( after use the Brain module :wink:) , a SME can have distinct LAN for isolate departement like R&D, or test environment…