Forums

Subscribe via email Subscribe via email
Subscribe via rss
Guest
or Ask a Question
Add a reply View Replies (8) →
Daniel Luiz da Silva
Daniel Luiz da Silva
Offline
Issue

Problems to Allow connections from WAN to LAN

Resolved
0 votes
Good morning everyone , I have a great difficulty to allow external access to our headquarters here in our branch, here is our connection diagram.

<INTERNET 200.XX.X>--------<CISCO ASA FIREWALL/VPN>---Private address 10.10.XX---<ClearOS WAN 10.10.XX>---<ClearOs in Gateway mode>--<Multiples LAN on ClearOS in Vlans 10.20 10.30 10.40 .............>


Our headquarters connects the cisco vpn normally and performs the ping on the network 10.10.xx, but can not ping or access networks 10.20.xx 10.30.xx ......

i need some advice to resolve this.
Thanks
Info NAT Port Forwarding Firewall newbe
In Firewall
Wednesday, July 15 2015, 01:37 PM
Subscribe via email
Share this post:
Responses (8)

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Wednesday, July 15 2015, 07:19 PM - #Permalink
    Resolved
    0 votes
    Daniel Luiz da Silva wrote:

    Thanks for all your support Nick, only one more question the "trusted gateway" mode will disable the hotlan mode ?
    I've no idea. If it drops the firewall, it may. Try it and see. Dump the firewall rules with "iptables -nvL" and possibly also "iptables -nvL -t nat".
    The reply is currently minimized Show

  • Accepted Answer

    Daniel Luiz da Silva
    Daniel Luiz da Silva
    Offline
    Wednesday, July 15 2015, 07:08 PM - #Permalink
    Resolved
    0 votes
    Thanks for all your support Nick, only one more question the "trusted gateway" mode will disable the hotlan mode ?
    The reply is currently minimized Show

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Wednesday, July 15 2015, 07:02 PM - #Permalink
    Resolved
    0 votes
    I'd guess you edit /etc/clearos/network.conf and change the MODE. I am not sure which string it would need. Doing an "egrep -i 'trusted.gateway' /usr/clearos/* -R" suggests the string you may need is "Trusted Gateway". You may need to do another network change or reboot to force ClearOS to switch into the new mode after a manual edit of the file.
    The reply is currently minimized Show

  • Accepted Answer

    Daniel Luiz da Silva
    Daniel Luiz da Silva
    Offline
    Wednesday, July 15 2015, 06:44 PM - #Permalink
    Resolved
    0 votes
    how do i enable the trusted gateway mode?
    The reply is currently minimized Show

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Wednesday, July 15 2015, 06:40 PM - #Permalink
    Resolved
    0 votes
    ClearOS, I believe, can be used as a standalone proxy but I don't think there are any configuration instructions. What you may be wanting is another undocumented mode which I think is called TRUSTEDGATEWAY, but even then I don't know how it will support a HotLAN.
    The reply is currently minimized Show

  • Accepted Answer

    Daniel Luiz da Silva
    Daniel Luiz da Silva
    Offline
    Wednesday, July 15 2015, 06:27 PM - #Permalink
    Resolved
    0 votes
    all this can be used in standalone mode? the description of standalone and standalone-no-firewall is a little vague on the docs of Clearos
    The reply is currently minimized Show

  • Accepted Answer

    Daniel Luiz da Silva
    Daniel Luiz da Silva
    Offline
    Wednesday, July 15 2015, 06:16 PM - #Permalink
    Resolved
    0 votes
    I'm using it as a transparent proxy, ids/ips, content filter and i use 1 interface as hotlan for wirelles clients
    The reply is currently minimized Show

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Wednesday, July 15 2015, 06:11 PM - #Permalink
    Resolved
    0 votes
    What are you trying to achieve with ClearOS? In your set up in gateway mode it is acting like a router so WAN -> LAN traffic will be blocked automatically.
    The reply is currently minimized Show
Your Reply