Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / Re: other iptables rules
« on: December 02, 2013, 08:56:26 am »
I can't understand what you are trying to say. I'm sorry...
2
Installation and Upgrades / Re: Help reading Firewall log
« on: December 02, 2013, 01:23:16 am »Hi,
Someone could help me interpret the following log? if in the four package options filters I configure rules to accept http, why appear DROP packages?
Thanks
Date Input interface Output interface Source Destination Protocol Source port Destination port Decision 2013-11-27 14:59:31 eth1 eth0 192.168.4.127 23.20.95.62 TCP 52779 80 DROP 2013-11-27 14:59:21 eth1 eth0 192.168.4.127 75.101.174.39 TCP 52772 80 DROP 2013-11-27 14:59:21 eth1 eth0 192.168.4.127 54.225.220.57 TCP 52773 80 DROP 2013-11-27 14:59:16 eth1 eth0 192.168.4.127 23.20.95.62 TCP 52779 80 DROP
This simply means its being block or dropped
3
Installation and Upgrades / Re: Same network multi static routes
« on: November 19, 2013, 01:25:24 am »
Hi Christian,
My plan here is to have that specific network which is 129.37.2.0/24 to have 2 static routes. That is my main goal at the moment. Zentyal does not allow multiple static route on the same network. I'm looking for some workaround how to achieve these.
My plan here is to have that specific network which is 129.37.2.0/24 to have 2 static routes. That is my main goal at the moment. Zentyal does not allow multiple static route on the same network. I'm looking for some workaround how to achieve these.
4
Installation and Upgrades / Re: Same network multi static routes
« on: November 18, 2013, 11:01:47 am »This is a bit clearer but still slightly confused. Sorry.
I may be wrong but if goal is to set up fail-over over VPN, this should be configured at VPN client level where you define IP fail-over address for VPN server to connect too.
Still what is not clear is how much ISP (and NIC on your Zentyal server) you have.
In case you have only one single ISP, you have only one single gateway (not discussing about the VPN stuff here).
Am I correct ?
The objective is to have WAN failover. I have multiple NICs they have their own ports.
5
Installation and Upgrades / Re: Same network multi static routes
« on: November 18, 2013, 08:34:45 am »
Okay.. i will try to explain it as much as i can.
I'm using Zentyal 2.0 here. This Zentyal use 2 ISP IP VPN as a gateway to connect to other location. Under Network >> Static route i have defined the first static route with IP (129.37.2.0/24 will use this gateway(10.40.40.x) in able to connect to other location). So far the routing here is fine. For redundancy purposes i ordered the 2nd IP VPN and i want to use that as well for 129.37.2.0/24 network but when i tried to enter this at Zentyal is give me error, "Network already exist". Since that network has been defined already. To make the long story short, I'm defining the 2nd static route for 129.37.2.0/24 using another gateway (129.38.103.xx) This is my 2nd IP VPN
I'm using Zentyal 2.0 here. This Zentyal use 2 ISP IP VPN as a gateway to connect to other location. Under Network >> Static route i have defined the first static route with IP (129.37.2.0/24 will use this gateway(10.40.40.x) in able to connect to other location). So far the routing here is fine. For redundancy purposes i ordered the 2nd IP VPN and i want to use that as well for 129.37.2.0/24 network but when i tried to enter this at Zentyal is give me error, "Network already exist". Since that network has been defined already. To make the long story short, I'm defining the 2nd static route for 129.37.2.0/24 using another gateway (129.38.103.xx) This is my 2nd IP VPN
6
Installation and Upgrades / Re: Same network multi static routes
« on: November 18, 2013, 07:31:54 am »
I wish someone can guide step by step achieving this...
7
Installation and Upgrades / Re: Same network multi static routes
« on: November 18, 2013, 07:24:59 am »Do you mean without using Zentyal failover or load balancing feature ?
Any approach will do as long as it brings me to my objective. Better if i have the option to see the difference. I'm also looking on Zentyal Hooks since the native route management of zentyal is iproute2. But the simplier the better. Thank you Christian for your usual promptness
8
Installation and Upgrades / Re: Same network multi static routes
« on: November 18, 2013, 06:43:19 am »
Gateway has been added. All i need to accomplish is to set 2 static route on the same network with 2 different ISP.
Example: (Static Route)
129.37.2.0/24 - 10.40.xx.x (ISP1)
129.37.2.0/24 - 129.38.xxx.x(ISP2)
Example: (Static Route)
129.37.2.0/24 - 10.40.xx.x (ISP1)
129.37.2.0/24 - 129.38.xxx.x(ISP2)
9
Installation and Upgrades / Re: Same network multi static routes
« on: November 18, 2013, 06:42:18 am »Also what is the highest gateway weight? 15 or 1? which is highest in terms of priority?
Look at this.
For some reason, I can't find the same on 3.2 documentation
15 has highest priority
Thank you so much. I hope that you get my point. Because everytime i add another static route with same network it gives me error saying that network already exist.
10
Installation and Upgrades / Re: Same network multi static routes
« on: November 18, 2013, 02:25:28 am »
In my setup i have defined 129.37.2.0/24 - ISP1 in the static route page and in multi-gateway rules i created an object with the same network (129.37.2.0/24)for members and i select ISP2 for its gateway. will this work?
Also what is the highest gateway weight? 15 or 1? which is highest in terms of priority?
Also what is the highest gateway weight? 15 or 1? which is highest in terms of priority?
11
Installation and Upgrades / Same network multi static routes
« on: November 18, 2013, 12:52:59 am »
Hi to all,
I just want to ask how to achieve setting up multi static route on the same network
Let say i set 129.37.2.0/24 xxx.xxx.xxx.xxx
and 129.37.2.0./24 yyy.yyy.yyy.yyy
I just want to ask how to achieve setting up multi static route on the same network
Let say i set 129.37.2.0/24 xxx.xxx.xxx.xxx
and 129.37.2.0./24 yyy.yyy.yyy.yyy
12
Installation and Upgrades / Re: Iptables configuration are gone after reboot
« on: October 18, 2013, 09:54:53 am »
Thanks Christian...Still remember me? My apology for having so many problems in network
13
Installation and Upgrades / Iptables configuration are gone after reboot
« on: October 18, 2013, 09:12:24 am »
Hi,
I have a Zentyal 3.0 i disable the firewall via iptables but everytime the Zentyal restarted it came back to its original iptables configuration.
How can i save my iptables configuration in Zentyal even the Zentyal restarted?
I have a Zentyal 3.0 i disable the firewall via iptables but everytime the Zentyal restarted it came back to its original iptables configuration.
How can i save my iptables configuration in Zentyal even the Zentyal restarted?
14
Installation and Upgrades / Re: Cannot telnet and/or connect on some IP
« on: October 09, 2013, 11:23:29 am »
Yes this is correct.
15
Installation and Upgrades / Re: Cannot telnet and/or connect on some IP
« on: October 09, 2013, 10:22:14 am »Odd indeed.
I don't understand the very detail of your configuration but guess that when you say "try with old server" you mean replacing the one doing routing with another one (old one) with same feature / same IP.
For sure ping being only ICMP, being able to ping doesn't mean you can telnet.
This said, why can you telnet 10.37.2.16 but not 2.17 ? At this stage given you network layout, I would look closer at routes on each workstation / server inside your LAN (10.37.2.16, 2.17 & 129.37.2.35)
If my guess is wrong about the switch between new and old server using same IP, then it will reinforce the need to check twice routes.
Looking again at your drawing, I still don't understand if these grey boxes are switches of Zentyal servers. I would bet switches but not 100% sure and quite confused. I'll try to redraw it on my side and share my understanding but I'm not yet at the stage I can achieve it. Your 2 Zentyal servers share same IP ranges on internal interfaces, so I suppose this is not a "stack" of server with one being front-end but rather 2 servers side-to-side. Which one is the correct layout or is it something even different?
- I don't understand the very detail of your configuration but guess that when you say "try with old server" you mean replacing the one doing routing with another one (old one) with same feature / same IP. Exactly