Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / OpenVPN client on Zentyal - can this be done?
« on: October 08, 2012, 08:01:23 am »
I am using Zentyal 3.0 as a gateway/firewall and file server in a small home LAN.
I live in a country where some international websites are blocked, and so I normally run OpenVPN clients on one or two of my local hosts to tunnel to a commercial VPN server provider offshore. Instead, I would like to run my VPN client on the Zentyal box, and make the tunnel available to my entire LAN.
I have not yet installed the Zentyal VPN module, but a quick look at the documentation suggests it is aimed at setting up a server, rather than a client. My understanding is that Linux OpenVPN actually implements both server and client through a single package, but not so sure about the Zentyal module.
Can anyone offer a little guidance here? Can this be done through the Zentyal module? Or would I be better off just implementing an OpenVPN client directly in Ubuntu? I fear that doing it outside of Zentyal will still require me to make a bunch of messy adjustments to zentyal to make it play nice.
Any knowledgeable suggestions on the best way to attempt to do this?
I live in a country where some international websites are blocked, and so I normally run OpenVPN clients on one or two of my local hosts to tunnel to a commercial VPN server provider offshore. Instead, I would like to run my VPN client on the Zentyal box, and make the tunnel available to my entire LAN.
I have not yet installed the Zentyal VPN module, but a quick look at the documentation suggests it is aimed at setting up a server, rather than a client. My understanding is that Linux OpenVPN actually implements both server and client through a single package, but not so sure about the Zentyal module.
Can anyone offer a little guidance here? Can this be done through the Zentyal module? Or would I be better off just implementing an OpenVPN client directly in Ubuntu? I fear that doing it outside of Zentyal will still require me to make a bunch of messy adjustments to zentyal to make it play nice.
Any knowledgeable suggestions on the best way to attempt to do this?
2
Installation and Upgrades / SOLVED! Firewall settings to enable Sonos Wireless Music System
« on: October 07, 2012, 03:41:41 pm »
I have a new install of Zentyal 3.0.2, in use as a very basic home gateway/firewall/fileshare system, supporting a small number of local hosts, both Windows and OSX. This has replaced a previous system based on Ubuntu 10.04 managed with a combination of Webmin and CLI. .
The most important use in our home is as a file server of over 500G of music files. These are played through several Sonos components which also live in the same subnet as the PCs and laptops. This all worked great under the old Linux/Webmin setup, with sharing via samba and a firewall I managed with Shorewall.
I want to add on a little basic VOIP/Asterisk setup, and maybe a few other services, and thought Zentyal might be a better platform to smoothly integrate more functions, so I switched.
After switching to Zentyal, I have got my basic functionality all working on the new Zentyal install, including DNS caching, DHCP, gateway to internet, pppoe, plus minimal users and groups, just enough to support ACLs in samba. Firewall is working fine for basic internet access through this system from local hosts.
I have got the samba music shares working, at least so that they are accessible by local hosts.
But trying to bring the Sonos system up, I get errors which appear to be firewall related.
From the Sonos support FAQ, here is what that system needs in a firewall:
QUOTE
During firmware updates, the Sonos system accesses the Internet via port 80. During normal operation and use, the system utilizes the specified ports and services below.
The Sonos Wireless HiFi System uses the following ports:
TCP/IP:
80 (HTTP)
445 (CIFS)
3400 (UPnP incoming events)
443 (Rhapsody, Napster, and SIRIUS Internet Radio)
4070 (Spotify incoming events)
UDP:
136-139 (NetBIOS)
1900 (UPnP advertisements / device discovery)
1901 (UPnP m-search responses)
2869 (UPnP connection to Windows Media Player 11 Network Sharing Service)
6969 (Getting Started process)
10243 (UPnP connection to Windows Media Player 11 Network Sharing Service)
10280-10284 (UPnP connection to Windows Media Player 11 Network Sharing Service)[/font][/font][/color]
END QUOTE
I am by no means a serious linux or network expert, just a guy willing to jump into the deep water. I eventually make stuff work. In my old system I used Shorewall to manage the firewall, but iptables is new and a bit confusing to me.
I presume that the needed NetBIOS and CIFS ports are already implemented properly, since my Zentyal samba shares and user/group ACLs seem to work fine with my non-Sonos hosts. Unfortunately, the setup dialog in the Sonos desktop app doesn't tell me why it chokes, and doesn't provide a log I can inspect, it just says it is probably firewall settings. I presume it is related to some of these other ports.
Grateful if someone would show me one or two sample entries of what I should make to the Zentyal Firewall setup which can make the above work.
Many thanks
The most important use in our home is as a file server of over 500G of music files. These are played through several Sonos components which also live in the same subnet as the PCs and laptops. This all worked great under the old Linux/Webmin setup, with sharing via samba and a firewall I managed with Shorewall.
I want to add on a little basic VOIP/Asterisk setup, and maybe a few other services, and thought Zentyal might be a better platform to smoothly integrate more functions, so I switched.
After switching to Zentyal, I have got my basic functionality all working on the new Zentyal install, including DNS caching, DHCP, gateway to internet, pppoe, plus minimal users and groups, just enough to support ACLs in samba. Firewall is working fine for basic internet access through this system from local hosts.
I have got the samba music shares working, at least so that they are accessible by local hosts.
But trying to bring the Sonos system up, I get errors which appear to be firewall related.
From the Sonos support FAQ, here is what that system needs in a firewall:
QUOTE
During firmware updates, the Sonos system accesses the Internet via port 80. During normal operation and use, the system utilizes the specified ports and services below.
The Sonos Wireless HiFi System uses the following ports:
TCP/IP:
80 (HTTP)
445 (CIFS)
3400 (UPnP incoming events)
443 (Rhapsody, Napster, and SIRIUS Internet Radio)
4070 (Spotify incoming events)
UDP:
136-139 (NetBIOS)
1900 (UPnP advertisements / device discovery)
1901 (UPnP m-search responses)
2869 (UPnP connection to Windows Media Player 11 Network Sharing Service)
6969 (Getting Started process)
10243 (UPnP connection to Windows Media Player 11 Network Sharing Service)
10280-10284 (UPnP connection to Windows Media Player 11 Network Sharing Service)[/font][/font][/color]
END QUOTE
I am by no means a serious linux or network expert, just a guy willing to jump into the deep water. I eventually make stuff work. In my old system I used Shorewall to manage the firewall, but iptables is new and a bit confusing to me.
I presume that the needed NetBIOS and CIFS ports are already implemented properly, since my Zentyal samba shares and user/group ACLs seem to work fine with my non-Sonos hosts. Unfortunately, the setup dialog in the Sonos desktop app doesn't tell me why it chokes, and doesn't provide a log I can inspect, it just says it is probably firewall settings. I presume it is related to some of these other ports.
Grateful if someone would show me one or two sample entries of what I should make to the Zentyal Firewall setup which can make the above work.
Many thanks
3
Installation and Upgrades / new zen install, old RAID 1 HDD pair on /home
« on: February 25, 2011, 01:47:51 am »
my old gateway/server box mainboard died recently.
The old box ran unbuntu server (plus sometimes webmin) with swap and / partitions on an ssd, plus a raid 1 pair of HDDs (using mdadm) mounted on /home. Tons of data, mostly under a samba server, was on this /home raid pair.
Now, new box, new board. I want to use ebox this time. I will once again run swap and / partitions on a small ssd, and would like to incorporate the old raid hdd pair, preserving all the old data.
Question is, how to set up new system to do this in a zen-friendly way?
I have researched a bit and I can see how I could add the old hdds to an existing linux system using mdadm commands, like --assemble, then modifying fstab.
But I would prefer the clean install using the latest zen ISO. Not sure if this is the best way.
Can I install the data drives first, the run the ISO install and set up the partitions and then configure ebox and have everything end up where I want with data intact and accessible through zen's samba setup?
Or am I better off leaving the disks out first, installing the ISO, then add disks and try modifying later?
Anyone know how to best approach this problem?
TIA
The old box ran unbuntu server (plus sometimes webmin) with swap and / partitions on an ssd, plus a raid 1 pair of HDDs (using mdadm) mounted on /home. Tons of data, mostly under a samba server, was on this /home raid pair.
Now, new box, new board. I want to use ebox this time. I will once again run swap and / partitions on a small ssd, and would like to incorporate the old raid hdd pair, preserving all the old data.
Question is, how to set up new system to do this in a zen-friendly way?
I have researched a bit and I can see how I could add the old hdds to an existing linux system using mdadm commands, like --assemble, then modifying fstab.
But I would prefer the clean install using the latest zen ISO. Not sure if this is the best way.
Can I install the data drives first, the run the ISO install and set up the partitions and then configure ebox and have everything end up where I want with data intact and accessible through zen's samba setup?
Or am I better off leaving the disks out first, installing the ISO, then add disks and try modifying later?
Anyone know how to best approach this problem?
TIA
Pages: [1]