Good morning everyone , I have a great difficulty to allow external access to our headquarters here in our branch, here is our connection diagram.
<INTERNET 200.XX.X>--------<CISCO ASA FIREWALL/VPN>---Private address 10.10.XX---<ClearOS WAN 10.10.XX>---<ClearOs in Gateway mode>--<Multiples LAN on ClearOS in Vlans 10.20 10.30 10.40 .............>
Our headquarters connects the cisco vpn normally and performs the ping on the network 10.10.xx, but can not ping or access networks 10.20.xx 10.30.xx ......
i need some advice to resolve this.
Thanks
<INTERNET 200.XX.X>--------<CISCO ASA FIREWALL/VPN>---Private address 10.10.XX---<ClearOS WAN 10.10.XX>---<ClearOs in Gateway mode>--<Multiples LAN on ClearOS in Vlans 10.20 10.30 10.40 .............>
Our headquarters connects the cisco vpn normally and performs the ping on the network 10.10.xx, but can not ping or access networks 10.20.xx 10.30.xx ......
i need some advice to resolve this.
Thanks
In Firewall
Share this post:
Responses (8)
-
Accepted Answer
Daniel Luiz da Silva wrote:
I've no idea. If it drops the firewall, it may. Try it and see. Dump the firewall rules with "iptables -nvL" and possibly also "iptables -nvL -t nat".
Thanks for all your support Nick, only one more question the "trusted gateway" mode will disable the hotlan mode ? -
Accepted Answer
-
Accepted Answer
I'd guess you edit /etc/clearos/network.conf and change the MODE. I am not sure which string it would need. Doing an "egrep -i 'trusted.gateway' /usr/clearos/* -R" suggests the string you may need is "Trusted Gateway". You may need to do another network change or reboot to force ClearOS to switch into the new mode after a manual edit of the file. -
Accepted Answer
ClearOS, I believe, can be used as a standalone proxy but I don't think there are any configuration instructions. What you may be wanting is another undocumented mode which I think is called TRUSTEDGATEWAY, but even then I don't know how it will support a HotLAN. -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »