Setting up an ebox: network problem [SOLVED]

[JO3RI]

Setting up ebox worked very nice. But I just can't get networking to work. Strange thing because on an normal server whitout ebox all works fine.

I have an eth0 for internal network static (192.168.2.5 255.255.255.0)
I have an eth1 for internet connection: static (ip adres, 255.255.254.0) external, this one is linked to the adsl modem which bridged.

I made the gateway rule on eth1

I cant' even seem to get a ping in diagnostics, not even in a ssh session on the server. I really don't get it.

All things are the same as in the config I have in IPCOP.

It seems ebox doesn't do standard network configuration as i'm used to do on the shell.

[javi]

Hi!

Have you marked eth1 as external?

[javi]

By the way, we don't do fancy stuff with the network configuration apart from the setting the gateway.

You can take a look into /etc/network/interfaces to see how eBox sets the configuration.

What we do in a different way is setting the gateways, to make them work with a multipath configuration we add them to the default table instead of adding them to the main table.

You can still list the default gateway by running:

Code: [Select]

ip route ls table default

route is the past ip route is the future

Jokes apart, please ask again if you have more troubles, I'll be delighted to help you with the eBox configuration.

[JO3RI]

Ok it seems that our ISP fixes the network conections on MAC-address. So my own modem is bridged, but the ISP takes the mac-address from the IPCOP. I called the ISP (Belgacom, Belgium) and they don't want to release the mac-address. So i 'll have to clone it.

I'll be telling more on this when i'm past this.

[JO3RI]

Ok I got eBox working but I can't surf the web with the cliënts.

What did I do:

-put on the firewall
-put on dhcp and configured it so the cliënts get there ip and stuff.
-put on dns and only added name.lan

what can I do:

- ping and dnslookup from within the diagnose tab to www.google.be
- ping from a cliënt pc to www.google.be

What I can't do:

- surf the web from a cliënt pc
- get my email from my provider (imap) from a cliënt pc

[sixstone]

- surf the web from a cliënt pc
- get my email from my provider (imap) from a cliënt pc

It seems a firewall related problem since your ICMP traffic, which is not filtered at all, works smoothly. To fix you set up above, you must allow these traffic flows. To do so, you must create rule in Firewall -> Packet filter -> Filtering rules for internal networks for those services you want. In your case, you must create the Web service (in Services menu) whose destination ports are 80 and 443, prior to create the rule.

The same is applied to you IMAP service (TCP/UDP 143 IMAPv2 TCP/UDP 220 IMAPv3), if it is not already set up.

Hope this helps you .

[JO3RI]

Hi, thanks for the reply.

Now i'm on holiday in France and I will get back to this on the 4th of august. Then I will try those firewall rules and post about my findings on my blog.

PS: Love the new website look.

[JO3RI]

you must create rule in Firewall -> Packet filter -> Filtering rules for internal networks for those services you want. In your case, you must create the Web service (in Services menu) whose destination ports are 80 and 443, prior to create the rule.

This made it all work thanks.

I'm wondering, would it not be nice to have some wizards templates?

[sixstone]

We've thought about this several times. However, wizard support, now, will be easier to implement .

Thanks for your feedback.