OK, some of this discussion (all of which has been helpful and great, thank
you) has gotten me thinking...
If I'm going to manually configure the proxy and filtering, should I actually
just leverage Endian's distro as an appliance that sits ON the LAN, but not as
a network bridge/router in the middle of it? In other words, just connect
Endian as another server on the LAN and set my PCs manually to leverage that
server/address to leverage the filters and proxies?
I realize I could go completely manually configure a Linux distro to do all
that, but if Endian already has all the packages installed and a nice GUI/web
app to manage it, why not use it?
Is this possible? In theory I would only need a Green interface, though I
could still set up a Red interface as well.
Thanks again,
AJ
----- Original Message -----
From: Fernando Cabrera
To: AJ Weber ; efw-user@lists.sourceforge.net
Sent: Thursday, September 23, 2010 12:34 PM
Subject: Re: [Efw-user] Bridge Mode?
OK, now I understand what you wish to accomplish.
----+ === +---------------+ +---------------+ +-----+
WAN | | Load Balancer | ===== | Endian Bridge | ==== | LAN |
----+ === +---------------+ +---------------+ +-----+
Been there ... done that....
The Endian will work as a bridge in your network and you need:
a. Two interfaces: one is connected to the LAN switch, the other one
goes to the load balancer.
b. When configuring the Endian, both interfaces go in the green zone; for
the red zone, configure it as gateway and put in the LAN IP address of your load
balancer.
c. In your firewall rules, filter traffic using input interface and output
interface.
d. Configure the proxies you wish to use. As a general rule, try to use
explicit proxy in the HTTP proxy configuration and manually configure the proxy
in your clients. If you have Active Directory you could enable integration and
use group-based profiles (works like a charm in Win 2003, buggy in Win 2008).
e. The default gateway of your network will be your load balancer. Your
Endian will sit silently in the middle filtering traffic because it is acting like
a bridge: everything that it receives on one interface it forwards to the other
interface, only that before it forwards the traffic it will apply firewall
rules and proxy rules (SMTP, HTTP, POP3, etc.).
I'll gladly help you if you got problems.
FERNANDO CABRERA JARAMILLO
On Thu, Sep 23, 2010 at 10:08 AM, AJ Weber <awe...@comcast.net> wrote:
Thanks everyone for the input.