Hello --
I have a question about Gateway Mode. I have two NICs installed and am testing in a lab environment. I have the Community edition and it's set to Gateway Mode. I have NIC#1 set to External (for my internet connection, 192.168.1.50), and NIC#2 set to LAN for internal desktops, etc. (192.168.1.51). What I'm seeing is that the ports for SSH (22) and management (85) are only open on NIC#1 (External) -- I have firewall rules enabled; therefore, that's why they're accessible via the External connection. Where I'm confused is that on the LAN side, NIC#2 (192.168.1.51), no ports at all are open -- neither management (85) nor SSH (22). Any idea why the LAN side ports are blocked by default? I would have thought that once set to LAN, that NIC would be wide open. Any suggestions why this is happening?
Couple attachments below of setup and scans of external and internal.
Thanks!
Accepted Answer
It is happening because you have both NICs on the same LAN subnet. Routing will not work in this case. What is most likely happening is that ClearOS is receiving your nmap on its .50 interface, but, because of the routing issues, replying on the .51 interface which nmap will not be listening on. If you are testing ClearOS on your LAN like that, with the ClearOS WAN connected to your LAN, really you will need a separate network/machine to connect to the ClearOS LAN. It should always be on a different subnet from your "WAN".
FWIW, it is best to avoid the 192.168.0.0/24 and 192.168.1.0/24 subnets on your LAN.
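
The following check is an added example, not part of the original thread or of ClearOS. It flags interfaces whose connected subnets overlap and shows when a reply to a given peer could leave by more than one interface. The /24 prefix length, the interface names `eth0`/`eth1`, the scanner address and the corrected LAN subnet are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed sample: addresses from the question. The /24 prefix length and
# the interface names are assumptions; the thread does not state them.
INTERFACES = [
    {"name": "eth0", "role": "External", "cidr": "192.168.1.50/24"},
    {"name": "eth1", "role": "LAN", "cidr": "192.168.1.51/24"},
]

# Constructed corrected layout: the LAN NIC moved to its own subnet.
FIXED = [
    {"name": "eth0", "role": "External", "cidr": "192.168.1.50/24"},
    {"name": "eth1", "role": "LAN", "cidr": "10.20.30.1/24"},
]


def overlapping_pairs(interfaces):
    """Return (name_a, name_b, net_a, net_b) for each pair of overlapping subnets."""
    nets = [(i["name"], ipaddress.ip_interface(i["cidr"]).network) for i in interfaces]
    return [(a, b, str(na), str(nb))
            for (a, na), (b, nb) in combinations(nets, 2) if na.overlaps(nb)]


def egress_candidates(interfaces, peer):
    """Interfaces whose connected subnet contains the peer address."""
    peer_ip = ipaddress.ip_address(peer)
    return [i["name"] for i in interfaces
            if peer_ip in ipaddress.ip_interface(i["cidr"]).network]


def audit(interfaces, peer):
    """Collect findings: overlapping subnets and an ambiguous reply path to peer."""
    findings = [f"{a} ({na}) overlaps {b} ({nb})"
                for a, b, na, nb in overlapping_pairs(interfaces)]
    candidates = egress_candidates(interfaces, peer)
    if len(candidates) > 1:
        findings.append(f"replies to {peer} can leave via any of {candidates}")
    return findings


if __name__ == "__main__":
    scanner = "192.168.1.10"  # constructed address of the scanning host
    for label, layout in (("as posted", INTERFACES), ("separate subnets", FIXED)):
        print(label, "->", audit(layout, scanner) or "no findings")
```
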