Printable View
I am trying to link the red network of Ipcop to my router, and I need your help to find the right config. The address of router is 192.168.1.1. So I have ipcop installed between this router and 2 switches to network orange and green.
My goal is to create a vpn that allows me to connect to my green network through the red network from outside. I have fixed address on the red network and gave 192.168.2.0 network as orange and 192,168.3.0 to the green network. The router is connected via RJ45.
What is the problem? Attention question should be a bit more complete example:
Schematic:
Internet <-> router <-> (Red) Ipcop (Orange + Green)
Addressing:
router: fixed public ip address 74.xxx / addressing internal 192.168.1.1/255.255.255.0
Ipcop (Red): static address: ip 192.168.1.10/255.255.255.0, dns 192.168.1.1, gateway 192.168.1.1
Ipcop (Orange): ip 192.168.2.1/255.255.255.0
Ipcop (Green): ip 192.168.3.1/255.255.255.0
Green PC: dhcp provided by Ipcop: range 192.168.3.10-192.168.3.39
What I want to:
What I have configured:
Tests: (descr Config) + (descr tests) + (Results)
Schematic:
Internet <-> router <-> (Red) Ipcop (Orange + Green)
Addressing:
router : dynamic public ip address / internal static address 192.168.1.1/255.255.255.0
Ipcop (Red): static address: ip 192.168.1.254/255.255.255.0, dns 192.168.1.1, gateway 192.168.1.1
Ipcop (Orange): ip 192.168.2.254/255.255.255.0
Ipcop (Green): ip 192.168.3.254/255.255.255.0
Green PC: dhcp provided by Ipcop: range 192.168.3.1-192.168.3.30
What I want to do: I want to create a network with a DMZ (ISP ---> 2 server on linux (web-mail/ftp) -> 192.168.3.253 and 192.168.3.252 and a secure network (green ---> 1 server Linux (samba / printing )---> 192.168.1.253 +6 client (windows and linux).
The aim is to secure the whole with a post which is dedicated IPCOP DHCP server at the same time for the green network and allows VPN access to the Green Zone of client located on another site and having such configuration - Internet <-> livebox <----> IPCOP <----> posts client. For the moment I am still in early labor so I installed IPCOP clients 192.168.3.0 connect well on ipcop but ping that I make the firewall on my box tells me that it is not reachable. I think it comes from my router configuration but I turn around and still no solution. May be the public address must necessarily be static??
Here I hope my problem is clearer now
Well, I can not say there is not much info.
(The Linux/Samba should be 192.168.3.253 instead of .1.253!)
Note 1:
When you install a ipcop, it is important and critical thinking to BOT, the only way to really control the flow.
Note 2:
A pc in green may well ping the box, subject to adequate flow icmp from Green to Red and IPCop is allowed to do its job ie NATER and the outflow through Red. If the stream is not NATE, the box will not know how to return the package back.
There is a serious anomaly that a ping does not return. It's strange because the scheme is simple, addressing operations are good and correct. We must understand for what this does not: tcpdump on ipcop is essential for this ...
Note 3:
Note: IPsec and Livebox do not mix. We must also consider the difficulty between IPsec and dynamic address (or 2) even duly appointed through a dynamic name. I read that Zerina aka OpenVPN is the alpha net2net.