August 22, 2008 at 12:49 pm #41155
im a ZS newbie but love it sofar. A few Q. Hope someone can help.
Im trying to use ZS as a substitute to a Allot Netenforcer ($$$$). Im trying to have the ZS inbetween my ADSL Router and Firewall, so that I can QoS traffic to my seperate external IP addresses. Now lets say my ADSL IP addr(GW) is x.x.x.209. I then make ETH1 IP address on the ZS x.x.x.210 with 209 as its gw. Fine still works. Then I create a bridge with Eth0 and 1 in. I then connect my pc to same network as Eth0. My Pc ip address is x.x.x.213 with .209 as its gw. Is this correct? The ZS should be woring as a Bridge, ie you dont reference it at all?? This doesnt work though. Not sure what im doing wrong… Pls someone help. Doing my head in.
ThanksAugust 22, 2008 at 2:15 pm #46827
What you describe is correct. What does not work? are you able to ping the bridge IP (the bridge automatically obtains the IP of ETH01 and ETH00) from the client? are you able to ping the IP of the ADSL router?
FulvioAugust 22, 2008 at 2:19 pm #46828
I am able to ping the ip of the bridge, but nothing onwards, so not the adsl ip or anything further on the web.
on the pc behinfd the bridge, should its gw be the bridge ip, or the adsl ip, like the bridge has? Is the bridge ip used for anything, or is it just a pass-hrough and the ip is used for admin purposes only?
ThanksAugust 22, 2008 at 3:37 pm #46829
The bridge is transparent and its IP is just used for administrative purposes. The default gateway of your clients must be set to the ADSL IP.
FulvioAugust 22, 2008 at 3:46 pm #46830
That is what im doing, but no luck. To double check. ETH1 has an external IP address. ETH0 has nothing. Then create the bridge. Connect PC to ETH0. Use the ADSL dg on the pc, and that should work??? Do i need to do anything with Routes, RIP, nat??August 23, 2008 at 6:17 am #46831
Yes, it should workAugust 23, 2008 at 10:21 am #46832
have checked everything again. Still no luck. This is all using vSwitches in vmware esx 3.5. Would it make a difference?
Any more suggestions. Im at that point where i keep going round in circles….August 23, 2008 at 11:06 am #46833
Cracked it .. well you did. I saw thread http://www.zeroshell.net/eng/forum/viewtopic.php?t=833
it was promiscuous mode. I went and changed it on both vSwitches, (properties of vSwitch/Port Group, Security , enable promiscuous mode) bingo, traffic flows …. even QoS works.
Thanks for a great product. When will it be moing away from beta??
Thanks again for the help…
You must be logged in to reply to this topic.