Author Topic: Zentyal default gateway is my external NIC's IP instead of my internal ip  (Read 1099 times)

jsebme

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Hi,
I'm trying to make my Zentyal desktop router works for my network setup with some security in mind, off course. My point is that normal consumer grade routers I'm used to and some other router/firewall softwares I've tried normally give the internal NIC's Ip to the default gateway. For example, my last router was connected to my ISP router with a static 192.168.0.22 but I've set its internal network and DHCP server to use 192.168.99.1 to 192.168.99.254. The default gateway looks like it was the internal one: 192.168.99.1.
So, is it normal that Zentyal give the external Ip instead of the internal?
Is it secure?
And, can I change this setting to a internal Ip? And how?
What are the pros and cons of both setups?

Thanks everyone

dzidek23

  • Zen Apprentice
  • *
  • Posts: 45
  • Karma: +1/-0
    • View Profile
Hi jsebme,

I'm confused by what you call internal and external..

to me this is what you have:

Internal --> Zentyal --> external --> ISP router

DHCP 192.168.99.0/24 with gateway 192.168.99.1 --> Zentyal --> 192.168.0.22 with a gateway of 192.168.0.1

If that's the case than it is right. Your internal DHCP, served by Zentyal, will have the gateway in the only known network .99.1. Any of the devices connected to that network will use Zentyal to access the other side and Internet. Your ISP will see traffic flowing from 192.168.0.22 and won't be able to distinguish how many clients are "hiding" behind.

jsebme

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
I totally agree that it should be the way you say. But, I haven't been clear in my first post. Even if the internal network range is 192.168.99.0/24 and its interface IP 192.168.99.1, Zentyal has given the IP of the WAN as a gateway. My WAN interface IP is 192.168.0.22 from my ISP router side and that's the IP Zentyal has given to my main gateway after the initial setup where I have chosen this interface has the external one.

Maybe it's more clear for you now...

And, as I said before, I agree with you that the gateway should be 192.168.99.1. I'm a bit concerned that it's not that way.