Montikore

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 54 total)
  • Author
    Posts
  • in reply to: ACCESS TO SERVER from internal BY EXTERNAL DOMAIN #54244
    Montikore
    Participant

    i think you over took it, it may be very simpler to just not put any ip nor interface as source, and your virtual server will be availbale from inside too.

    @pgbuz wrote:

    With virtual server rules any/eth1:443 to 192.168.3.11:443 and any/eth1:4433 to 192.168.3.12:443

    in your case, it should be any/any:443 to 192.168.3.11:443

    in reply to: Use DNS to forward to local network #54603
    Montikore
    Participant

    lol sure, all public IPs are routable… if you have an internet connexion, then you have a public IP, then you can use it without any more costs… i don’t get your point, we are not in the 70’s anymore
    Of course, if you want to use more than one public IP, it’s a bit more complicated, but this is out of scope here.

    in reply to: Use DNS to forward to local network #54601
    Montikore
    Participant

    @iulyb wrote:

    In order to have access from internet you need routable internet IPs for your internal or DMZ network. However that means your network would be exposed + the cost of IPs.

    😯 what are you talking about??

    By the way, VPN is clearly not the solution to this problem…

    in reply to: PAP2T and other VOIP adapters having intermittent problems #54610
    Montikore
    Participant

    you can flush the connexion tracking in the web UI, under the firewall menu, connexion tracking tab. may be easier for testing

    in reply to: block IP importing a list #54592
    Montikore
    Participant

    😯 i tried to…

    @pgbuz wrote:

    a simple Linux server make this, zeroshell no?

    you’re not able to manage what you’re speaking about? so now, after reading you, i won’t help you… behave yourself.

    in reply to: How to set up a wireless router with captive portal #54605
    Montikore
    Participant

    Hi,

    Even if i don’t know Captive portal, i think your configuration is not right…

    Basically, if you want to use Zeroshell as your main router, all of your computers must have the zeroshell IP as default gateway, and zeroshell must have your internet box IP as default gateway. Do not use the DHCP from your internet box, this box has to be invisible for all the computers. (if not, all the trafic may go directly to the internet box without passing through zeroshell)
    Usually, with a basic configuration like this, you don’t need to care about the routing table.

    in reply to: Use DNS to forward to local network #54599
    Montikore
    Participant

    As you said, your internal DNS is internal… Anyway, even if you expose your DNS, you won’t be able to achieve what you want without port redirection.
    The only way to achive this, ie using the name nas1.sub.domain.com to reach the wanted NAS, you will have to redirect all http trafic (all trafic on port 80, using a Zeroshell virtual server) to a web server, which will know who is nas1 and will redirect to the wanted IP/port (apache can do this)

    in reply to: block IP importing a list #54590
    Montikore
    Participant

    zeroshell being a linux server, you can do what you’re used to using the command line

    in reply to: Cron jobs for automatic daily profiles backup #54597
    Montikore
    Participant

    i think you shouldn’t use the logs in this way… it sounds pretty strange to me, and the scalability may be a problem too

    What about the connection tracking, under Firewall menu? Still not very sexy solution, but you could get it with web requests.

    As an advice, i suggest you to use zeroshell only for its network purposes and manage your production data on another server

    in reply to: Cron jobs for automatic daily profiles backup #54595
    Montikore
    Participant

    what database you’re speaking of? the zeroshell logs??
    i still don’t understand why you would need to backup the profile daily… profiles are not supposed to be changed so often…

    in reply to: Cron jobs for automatic daily profiles backup #54593
    Montikore
    Participant

    I don’t have an answer for your request, but another question… Why do you want to do this??

    in reply to: block IP importing a list #54588
    Montikore
    Participant

    you can create firewall rules (given that your firewall is in drop mode) who accept everything which does match the protocol you use (not sure it’s possible in your case though) or rules who accept packets based on “Layer 7 filters”.
    I guess you want only VoIP to work? In this case, a few rules with layer 7 inspection are needed. I’m using it for QOS, but not sure it will fit all your needs : add accept rules for SIP, H323, Ventrilo, Teamspeak, Skypeout, skypetoskype.

    in reply to: Can I remove load balancing setup? #54586
    Montikore
    Participant

    I just noticed your default gateway and “aei0” are on the same interface…which is weird without more info.
    i personnaly rather use the IP adress than the interface, especially if they are both on the same interface!!
    try to change it, it may help

    in reply to: Can I remove load balancing setup? #54585
    Montikore
    Participant

    Yes this is it! I use it quite a lot, and it works fine like you try…
    From what i see, it should work… just check in the router menu as i said (button “Default GW” on the right of the page), that the default gateway is the one you want to use.

    in reply to: openvpn host-to-lan #54587
    Montikore
    Participant

    it will be difficult to help you with so few information….

Viewing 15 posts - 1 through 15 (of 54 total)