So I thought I would upgrade from cable (Comcast) to fiber (AT&T) and gain some speed while saving some cash.
The cable is simple Docsis 3 modem, plug it in and everything works.
With fiber you have to use the supplied router/gateway, and while you can disable the routing and gateway functions, connection apparently can be achieved only through port forwarding.
My server has Eth0 - green, and Eth1 - red. I cannot figure out how to set port forwarding to Eth1 (enp2s0) the only address i see is that provided by ISP.
I hope I am missing something. Can anyone enlighten me about how to make this work?
Thanks.
If I understand correctly you will insert into red of NS directly the IP provided from ISP.
I think that ports are all open to this IP and it will be the NethServer to filter connections.
You understand correctly. The problem is that according to ISP they can accomplish this only through IP forwarding, and they require me to give them a forwarding address or port. Unfortunately I have no clue what to give them. Meanwhile I have lost acces to the web interface (not sure why), but at least I still have command line access. Too bad there is no GUI that way since I am mostly clueless when it comes to Linux commands.
It depends. Normally yes, but ISP can provide a type of subscription that consent to you to insert directly the public IP address in the RED IP address field of your firewall. It depends by subscription, router and type of connection (VDSL,ADSL,Radio,ecc…).
Normally, this type of configuration is provided with business contract.
Yes. All ports should be directly forwarded to the firewall without any configuration.
You have to apply PF configuration on your firewall if you need to forward some ports to internal devices.
The address on the RED interface is the public address assigned by ISP through DHCP. According to ISP it is mandatory to use their router/modem between ONT (optical network terminal) and Nethserver and they claim that can be accomplished only through IP forwarding.
Maybe the best solution is to configure as single NIC and let their equipment handle routing/gatewayDHCP etc. But I do not know how to configure that.