Ya_Ley
(L)
June 17, 2016, 5:04am
1
Hi
I have Network LAB for Nethserver
There are simple network, one is nethserver server with one WAN,One DMZ and Two LANs, and one is connect to Internal network(Router & Firewall) via LAN1 interface of the Nethserver and proxy server is LAN2. more detail in attachment.
Issue:
I can be managing via web interface the Nethserver form Office Network (192.168.15.0/24) I mean, the connection is reach each other, but
a Office Network (192.168.15.0/24) can not access internet via 192.168.20.2(proxy) port 3128
I am not clear why I can not access internet from Office Network, some expert please recommend.
Other question is how to Office Network reach to DMZ?
Thank you,
Yaya
1 Like
jgjimenezs
(Jose G Jimenez S )
June 17, 2016, 9:59am
2
Hi,
You have configured your Hardware NethServer with 4 ethernet?
Example:
eth0 = WAN (RED) ISP
eth1 = LAN (GREEN) DHCP server NethServer
eth2 = LAN (GREEN ROUTER) Your router acts as DHCP server?
eth3 = DMZ
Send us screenshots of your settings
regards
Ya_Ley
(L)
June 17, 2016, 10:27am
3
Hi
All eth0-3 set Static IP and routing is work as well
jgjimenezs
(Jose G Jimenez S )
June 17, 2016, 10:38am
4
OK
but NethServer is running as DHCP for your ethX network? Send us screenshots of your settings
You can configure the access from the zones created
for example:
Green to the DMZ or DMZ to the green
Green to the Guest or Guest to green
Guest to DMZ or DMZ to Guest
all this in the firewall settings, firewall objects
Jim
June 17, 2016, 12:11pm
5
Hi,
It’s normal.
Two GREEN are isolated one from other.
You have to make rules to enable communication ( LAN1 to LAN2 and LAN2 to LAN1 ).
Another point, I don.t really understand the proxy at 192.168.20.2, it’s another SERVER? Why don’t you user NethServer for proxying?
The Office Network can reach the DMZ cause of internal predifine rules:
GREEN > BLUE > ORANGE ( DMZ ) > RED
More details in the NethServer DOC…
http://docs.nethserver.org/en/latest/firewall.html
2 Likes
jgjimenezs
(Jose G Jimenez S )
June 17, 2016, 12:17pm
6
Jim:
Hi,
It’s normal.Two GREEN are isolated one from other.
You have to make rules to enable communication ( LAN1 to LAN2 and LAN2 to LAN1 ).
Another point, I don.t really understand the proxy at 192.168.20.2, it’s another SERVER? Why don’t you user NethServer for proxying?
The Office Network can reach the DMZ cause of internal predifine rules:GREEN > BLUE > ORANGE ( DMZ ) > REDMore details in the NethServer DOC.
That’s right @Jim , @Ya_Ley send screenshots to verify your settings and to help better.
Ya_Ley
(L)
June 20, 2016, 10:49am
7
Hi
Thank you,
For Proxy at 192.168.20.2 is other servers that service for Office network to access Internet.
I will be reconfigure a Firewall rules and update to you.
jgjimenezs
(Jose G Jimenez S )
June 20, 2016, 10:52am
8
Please try to send us screenshots of your settings to help better
Ya_Ley
(L)
June 29, 2016, 7:25am
11
Hi Jose,
Yes, solved
and please help about squidguard
Hi
Why a builtin expressions( !builtin ) is not work? no filter
dest builtin {
domainlist /var/squidGuard/blacklists/custom/builtin/domains
urllist /var/squidGuard/blacklists/custom/builtin/urls
expressionlist /var/squidGuard/blacklists/custom/builtin/expressions
logfile urlfilter.log
}
Profile: internet_filter
src_internet_filter within always {
pass !blacklist !in-addr !files !builtin !adv !aggressive !alcohol !anonvpn !chat all
}
Thank you
Regards