Hello all,
I've recently tried to increase the security (and increase the throughput) of my network by trying to move external services of the server to a secondary external IP. But I've not been successful. I think that there is a problem with the firewall configuration and quite possibly also a default gateway problem.
To make my question more clear, I've created JPEGs to help with understanding what I wish to do.
In the old situation I've set up firestarter, but that program simply won't do for the new situation. See pic for the old setup.
In the new situation I've uninstalled firestarter and installed fwbuilder, which seems to be complex enough to do what I wish to do. I'm not a very big fan of the command line, I'm afraid, so I skipped ufw for setting up iptables.
Now when I go into my website in a browser, it won't connect. When I connect with the inside IP from inside, it works (as long as there are no mydomain.nl references). I can see all interfaces have an IP, so that is not it. If I disable the firewall AND the internal interface, the website will work from the outside.
Is this a gateway problem or a firewall problem? Any help appreciated. How can you set up 2 default gateways?
Ar
Code:

/etc/hosts (new situation)

Aaa.bbb.ext.ip IOSERV
127.0.0.1 localhost.localdomain localhost
::1 IOSERV localhost6.localdomain6 localhost6
192.168.1.199 IOSERV
# IOSERV is the internal name of the server, not the domain.nl name.
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

/etc/network/interfaces (new situation)

auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
# The secondary network interface
auto eth1
iface eth1 inet dhcp

/etc/hostname

IOSERV