Safe@office 500 question: route for lans - Topic Powered by eve community

Hello,

I have a Safe @ Office 500. In that I have a firewall entry WAN where a cable comes with 3 ip's.
I would like the traffic of each WAN IP was directed to a LAN port.
Anyone know what to say if the Safe @ Office 500 do it? And if does, as this set?

Today it is my setup: (IPs fictitious)
WAN IP 200.150.150.215 / 200.2150.150.216 / 200.2150.150.217 Submask 255.255.255.128
LAN:
192.168.10.1 (sofa500)
192.168.10.2 (lan 1)
192.168.10.3 (lan 2)
192.168.10.4 (lan 3)

Basically I have the rules released the traffic on the doors of my interest.
I am defined as a Route
Source Network: 200.150.150.0
Netmask Source: 255.255.255.128
Destination Network: 192.168.10.0
Destination Netmask: 255.255.255.0
Service: Any
Next Hop Ip: 192.168.10.2

So what's happening is that with only route for the first server's internal network.

How do to the office @ 500 safe route for other LANS?

Safe @ Office 500 - 7.5.55x

Posts: 1 | Registered: April 23, 2008

Clayton.Lee

Junior Member

Posted

Hide Post

quote:
So what's happening is that with only route for the first server's internal network.

Hmmm, if it were me doing it, I would do the following:

Create a "Single Computer" network object called "Computer1" (or whatever floats your boat) for 192.168.10.2. While creating the network object, choose the checkbox "Perform Static NAT", and enter the IP 200.150.150.215.
Create an "Allow" rule (not allow and forward) with the Source set as WAN, the destination set as "Computer1" and the service to be "Any".

You don't need to do anything with routes or anything else, the Safe@Office automagically works all of that stuff out - arp entries, routes etc.

The hosts that you are forwarding all traffic to have to have the Safe@Office LAN IP as their default gateway.

------------------

Note that this assumes several things - firstly that you have 3 available IP addresses IN ADDITION to the one you are using on the WAN port of your Safe@Office.

If you only have 2 additional, and the one you are using on the safe@office it becomes a little more difficult - you would need to do an allow and forward rule with the one that is assigned to the Safe@Office. It would be cleaner if the safe @office had it's own IP.

Secondly, this is a massively insecure setup - basically it is turning your expensive firewall into a router. Normally you would create specific rules to forward the ports you need (25/53/80/110/443 etc) through to the hosts and drop all other traffic.

Hope that isn't too confusing.

Clayton

Posts: 6 | Registered: April 29, 2008

Previous Topic | Next Topic

Please Wait. Your request is being processed...

[x]

Site

sofaware.infopop.cc

Servlet

eve2da005

Version

1.2.22 build 9062

Module

Forums 4.0.3

Stylesheet

"SofaWare Forums"

Wordlet Set

"Default Wordlet Set"

Logout: sofaware.infopop.cc
Update Groupee Account

SofaWare Home Page

sofaware.infopop.cc

SofaWare Discussion Groups

Internet Security Appliances

Safe@office 500 question: route for lans

	View $GS_USERNAME's Public Profile
	Add $GS_USERNAME to my Buddies
	Add $GS_USERNAME to my Ignore ListRemove $GS_USERNAME from my Ignore List
	View Recent Posts by $GS_USERNAME
	Notify me of New Posts by $GS_USERNAME

Quick Reply to: Safe@office 500 question: route for lans
Guest Name

Close \| Use Full Posting Form \| Quick Quote

Rate Topic