If you have a spare low end Pentium machine and a couple of NICs lying
around, you have liftoff. There are many firewall products you could
use. I have found InteractiveBastille which comes with your Mandrake
distro easy enough. Others have suggested that gShield is easier still.
Basically the steps are:
1. Connect your firewall box (it's really about to become a router) to
the main LAN on one card and to your private LAN on the other. You'll
need a separate hub for your private LAN of course.
2. Setup the addresses on your private LAN to form a subnet.
192.168.0.x/255.255.255.0 would be a reasonable choice.
3. Setup the IP address on the NIC connecting the private side of your
router machine to an address inside the private subnet (like
192.168.0.1)
4. Set the address on the public side to an address in the main
network's space. (one of the addresses you are using now would
presumably work).
5. Set the machines in the private LAN to see your router as their
gateway.
6. Set a route on the router from the private LAN to the main LAN.
7. Set the firewall on the router to trust your private LAN and treat
the main LAN as public and untrusted. You'll find that the default
firewall settings for whatever you choose to use will probably go close
to what you need.
Note that this will of course break apps that do things like telneting
from the main LAN into one of your machines, but then this is what you
want!
This is very general. If the are any more specific requirements, post a
block diagram of how you expect to set it up with specific questions and
I'm sure you'll get lots of help in response.
Hope this gets you started.
cheers
Brian
On Thu, 2002-02-21 at 00:54, [EMAIL PROTECTED] wrote:
Hi guys
I finally convinced the supervisors in my university research group that
our windows machines are not very safe as they are...they are connected
to the net 24 hours a day with a couple of ports always open...and the information
on thos pc are quite important...I thought we could use the Mandrake Single
Network FIrewall (or smoothwall) to create an internal network and connect
to the rest of university network and to the external world through such
a secure firewall
can anyone give any help or suggestion on how to set it up correctly...the
network technicians here are useless (otherwise they wouldn't have ste up
a Windoze network in the first place!)
thanks in advance
Maurizio
__
Abbonati a Tiscali!
Con Tiscali By Phone puoi anche ascoltare ed inviare email al telefono.
Chiama Tiscali By Phone all' 892 800http://byphone.tiscali.it
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com