ksrimoungchanh

Forum Replies Created

Viewing 12 posts - 1 through 12 (of 12 total)
  • Author
    Posts
  • in reply to: ZeroShell in high availability mode #50828

    Also looking for a HA solution with ZS. what did you end up doing?

    Kou

    in reply to: Outbound NAT to a specific IP #51456

    Thank you for your guidance. I do have more questions to get clarification,

    1. in your examples, does ETH00.771 refer to the inside interface or outside?
    2. do I need to have both rules or can I just do the outgoing? I am not needing all the TCP/UDP to be forwarded. I already have it inbound setup already.

    Thanks again,

    Kou

    in reply to: blocking outbound port 25 #50239

    Hello ppalias,

    Thanks for the reply. I wanted to clarify myself on my initial email. I wanted to block all SMTP from within the LAN out to the INTERNET from all devices accept the internal Mail server.

    We caught a machine that was acting like it’s own email server and was possibly sending emails out from within the LAN out to the INTERNET without relaying it to our real mail server.

    is that still not possible? or with that information, there are some hopes.

    Kou

    in reply to: Accidentally created rule on 443. #50164

    Hello All:

    As ppalias recommended, I was able to walk a remote user through connecting a monitor and keyboard on the ZS out there. I then walked the user through the instructions from ppalias and it works.

    I then went into ZS and removed it from the HTTPS part to make sure it would not come back after a reboot.

    Thanks all for the suggestions and help.

    Kou

    in reply to: Accidentally created rule on 443. #50162

    Hello Atheling,

    I created a rule as “Any interface/Any IP” so I assume when I tried using a Putty to SSH and telnet it failed to both the internal IP address of the LAN and the IP address of the VPN tunnel on that side.

    Should I try something else?

    Kou

    in reply to: Net Balancer and inbound traffic #50045

    Thanks for the replies..

    ppalias, you are right.. it does seems like exactly what you discribe.

    atheling, I looked in the update section, but did not see any updates that pertains to this. I am on Release 1.0 Beta 12. Where could I get the updates and are their any details to implement the updates?

    Thanks again,

    KS

    in reply to: Port Forwarding Question #47941

    Another update: used the iptable commands in the Setup>Startup/cron>NAT and Virtual Server and rebooted the ZS. It works now.

    I also removed all my configs from the Virtual Server page.

    I notice that I have to reboot the firewall to get that IPTABLE additions to take. Is there a way to get this to take without rebooting the firewall?

    Kou

    in reply to: Port Forwarding Question #47940

    ppalias,

    I have a updated description of the issue. I have recreated the issue with more time to test.

    I have 2 external IP address assigned to the ETH01 and Nat’d it for the ETH00 to get out. Traffic works find outbound.

    For inbound testing, when I use the first IP address assigned on ETH01 on the Virtual Server configs, it works. I am able to forward port 20/21 for FTP testing and can actually ftp to the External IP address and successfully login to the FTP server.

    When I replace the Virtual server External IP with the secondary IP that was assigned to the ETH01 in the exact line, I cannot forward any ports for testing at all. Nothing can be forwarded to the internal server.

    Kou

    in reply to: Port Forwarding Question #47939

    I took the ZS offline and don’t have it available at this minute. I will will be putting it on a test network later this weekend.

    At that point, I will get the output for you. thanks for your help.

    Kou

    in reply to: Port Forwarding Question #47937

    ppalias,

    The External side of the Zeroshell has several external IP address that is assigned to us by the Internet Provider. I use to have these IPs on IPCOP as Alias.

    the Router is not doing NAT.Router is not doing NAT.

    Inside interface has VLAN 1, VLAN2, VLAN3, and the Mail server is on VLAN1 tagged on our switchs. the Mail server can access the internet fine while on VLAN1.

    Hope that this helps.

    BTW: VLAN1 is tagged on the ZeroShell ETH00.

    Kou

    in reply to: VLAN tag tunnelling question? #47776

    Will I also need to create the VLAN on the ETH00? I assume that it is needed to maintain the VLAN information from the Switch through the ETH00 and passing it to the VPN00 interface.

    Thanks for the quick help.

    Kou

    in reply to: VLAN tag tunnelling question? #47774

    Base on this link: http://www.zeroshell.net/eng/faq/network/#net.faq8 I am interpreting that it does support VLAN tunneling?

    Please correct me.

    Kou

Viewing 12 posts - 1 through 12 (of 12 total)