[Firehol-support] Help configuring additional gateway
Marcus Williams
marcus at quintic.co.uk
Tue Dec 6 12:17:27 GMT 2005
Hi -
Up to now, our network has been fairly standard SOHO - single gateway,
two eth interfaces (intranet and internet). We use a simple
configuration like:
# The network of our eth0 LAN.
home_ips="192.168.202.0/24"

interface eth0 dhcp
    policy return
    server dhcp accept

interface eth0 home src "${home_ips}"
    policy reject
    server "dns ssh icmp" accept
    client "dns icmp" accept

interface eth1 internet src not "${home_ips} ${UNROUTABLE_IPS}"
    server ident reject with tcp-reset
    client all accept

router internet2home inface eth1 outface eth0
    masquerade reverse
    client all accept
    server ident reject with tcp-reset
# EOF
My route table looks like:
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
> localnet        *               255.255.255.0   U     0      0        0 eth0
> default         192.168.1.1     0.0.0.0         UG    0      0        0 eth1
However... now we've added a VPN gateway to the intranet so there's a new
route on our main gateway:
> 192.9.200.0     vpn             255.255.255.0   UG    0      0        0 eth0
So all requests to 192.0.200.x need to be routed through the vpn host
(which is on the intranet). How do I support this in the firehol
configuration?
Thanks
Marcus
--
Marcus Williams -- http://www.cad-schroer.co.uk
CAD Schroer UK, 39 Newnham Road, Cambridge, UK