Consul
04-30-2004, 04:42 PM
I have read and followed instructions in a variety of places, but they did not help me, although I do think Firestarter is a great find.
I work for a county IT department, and we want to connect two separate internal subnets (192.168.205.x, which is our DMZ, and 192.168.11.x, which is the other network connected via wireless link). I want the following ports to forward from the 205.x side to the 11.x side:
512,513,514,6400,10000
Basically, packets from these ports from the 205.x side should forward to the 11.x side on the same ports. All other ports will be blocked, to be opened as necessary (23, for example).
I have already enabled IP Forwarding in the kernel (cat /proc/sys/net/ipv4/ip_forward = 1), and both NICs can talk to their side of each subnet (I can ping machines on each side from the router/firewall itself).
I have set up Firestarter and I set the internal network as the 205.x side, and the external as the 11.x side. I then set port forwarding for the above ports, then I opened the above ports as well.
Nothing on the 205.x side can see the 11.x side.
Is there something here that I'm missing?
The router is running Red Hat 9, stock from the discs.
Thank you very much for the help.
(One of the things I've noticed is all of the firewall and router setup docs I've found focus strictly on an internal network -> Internet setup. Nothing seems to detail what to do for two internal subnets.)
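The policy described in the post (only the listed ports routed from 192.168.205.x to 192.168.11.x, everything else dropped) written as plain routed filtering rules with no NAT; this is an added example, not part of the original post. The interface names eth0/eth1, TCP as the protocol, and matching on destination port are assumptions, and the script only prints the rules so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for a routed,
# non-NAT policy between the two subnets named in the post.

DMZ_NET="192.168.205.0/24"       # 205.x side, from the post
FAR_NET="192.168.11.0/24"        # 11.x side, from the post
PORTS="512 513 514 6400 10000"   # port list, from the post
DMZ_IF="eth0"                    # assumed interface name (205.x side)
FAR_IF="eth1"                    # assumed interface name (11.x side)
PROTO="tcp"                      # assumed protocol

gen_forward_rules() {
    # Default-deny for routed traffic only; the router's own
    # INPUT/OUTPUT chains are left alone.
    echo "iptables -P FORWARD DROP"
    echo "iptables -F FORWARD"

    # Return traffic for connections accepted by the rules below.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"

    # New connections: DMZ -> far subnet, listed destination ports only.
    for p in $PORTS; do
        echo "iptables -A FORWARD -i $DMZ_IF -o $FAR_IF -s $DMZ_NET -d $FAR_NET -p $PROTO --dport $p -m state --state NEW -j ACCEPT"
    done

    # Rate-limited log of whatever falls through to the DROP policy,
    # so blocked flows show up in syslog while testing.
    echo "iptables -A FORWARD -m limit --limit 5/min -j LOG --log-prefix \"FWD-DROP: \""
}

gen_forward_rules
```

Because nothing is translated, hosts on each subnet also need a route to the other subnet that points at this router.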