October 18, 2009 at 12:57 am #41979
I’m an experienced developer who may have bit off more than he can chew by taking an “everything” position with a small agency. One of the issues my predecessor left me with was two internet connections through different ISPs (one T1 and one cable) that aren’t working together at all currently. On the T1 we have a Cisco PIX device and on the cable is an SMC cable modem/router.
I already have Zeroshell up and running on an old server (Dell Poweredge 2550) with three NICs and redundant connections for testing.
My question is:
Is there some way to decipher the settings text dump from the Cisco PIX to ensure that I have everything set up exactly the same on Zeroshell so that our VoIP system and other crucial systems will be guaranteed to work?
Thanks!October 18, 2009 at 1:34 pm #48933
I don’t think so… You’ll have to configure the box from scratch and spend one day troubleshooting all your clients’ complaints.October 18, 2009 at 11:41 pm #48934
Hrmph, oh well.
Zeroshell is making me feel stupid, anyway. I’m trying to configure the Net Balancer but I can’t seem to get it to work right – my main problem being I can’t figure out whether I should be assigning traffic on each physical device or to IP addresses.
Here’s how everything is hooked up:
Internet -> T1 Connection -> T1 Modem -> PIX -> ETH02 on Zeroshell
Internet -> Cable Connection -> Cable Modem/Router -> ETH01 on Zeroshell
ETH00 is my internal port.
It seems there’s not documentation covering my specific case, and as such I keep trying different instructions trying to get it to work, but nothing is working right.
So yeah, any help would be appreciated. I can’t seem to even get Zeroshell working as an internet gateway, let alone effective load balancing. :October 19, 2009 at 9:04 am #48935
Enable (if necessary) NAT on interfaces ETH01 and ETH02.
Assign on ETH01-02 IP or set them up to aquire DHCP or bring up a PPPoE session.
Then add these two connections on the netbalancer. There are some tutorials for you here.October 19, 2009 at 4:32 pm #48936
Ok, I followed those instructions, and I’m getting connectivity through ETH01, but not ETH02 (the T1 line). Its probably something wrong with my IP settings, though, because I’ve had to much with it a bunch to get the testing environment working.
Couple more questions:
1) Does adding ETH01 and ETH02 to NAT and the Net Balancer enable the firewall as well?
2) Also, does running Net Balancer hinder the use of OpenVPN at all? I need to be able to activate VPN easily once I get the more basic functions of ZeroShell up and running 100%.October 21, 2009 at 8:59 am #48937
1) No, firewall by default permits all on INPUT-OUTPUT-FORWARD. Take my advise and switch to DENY only the INPUT chain, after you have granted access to the ZS router by https and ssh.
2) No, not at all. I have Netbalancer and Openvpn working fine. In case you face issues with those two, consider adding a Balancing Rule for the Openvpn to be directed on one interface if both are up.
You must be logged in to reply to this topic.