[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [MISC] TDC adsl



In <sslug@sslug> Elias Naur <sslug@sslug> writes:

>Jeg går og skal have købt en TDC proaccess adsl link, og da routeren ikke 
>må pilles ved af mig selv, kunne jeg godt tænke mig at vide hvordan jeg 
>skal bede dem sætte den op.  Jeg vil have flere maskiner bag adsl porten, 
>og en egen firewall skal stå imellem dem og inettet, så jeg vil gerne have 
>routeren totalt åben.
[snip]
>        router -> firewall/router -> lokal net.

Det er præcis sådan, jeg har min sslug@sslug sat op.

Bed dem om følgende:

1) Sig at du sætter din egen firewall op.
2) Alle indgående forbindelser (TCP og UDP) skal NAT'es til 
   IP adressen 192.168.1.2
3) Indgående GRE og ESP (IP protokol 47 og 50) skal NAT'es til
   IP adressen 192.168.1.2
4) DHCP server skal disables
5) Udgående forbindelser fra det interne netværk NAT'es som i 
   default konfigurationen.

Din firewall skal så have IP adressen 192.168.1.2, og du kan på
den bestemme hvor de forskellige indkommende forbindelser skal
havne henne (enten kan du have servere kørende direkte på firewallen,
eller du kan lave port forwarding og sende dem videre til en anden 
maskine).

Punkt 3) er praktisk, hvis du en dag skal have en VPN forbindelse
op at køre. GRE er den protokol som bruges til Microsoft PPTP
forbindelser; ESP er den som IPSec benytter.


>Håber ikke jeg spørger for dumt her, men jeg er lidt ude på dybt vand :-)

Der er ingen dumme spørgsmål, når man føler sig usikker.


Mvh,
Henrik
-- 
Henrik Storner      | "ATA100 is another testimony to the fact that 
<sslug@sslug> |  pigs can be made to fly given sufficient thrust"
                    | 
                    |          Linux kernel hacker Alan Cox, on IDE drives


 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2005-08-10, 19:22 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *