Community discussions

Search found 17 matches

by Nazralte
Mon Mar 11, 2019 8:51 pm
Forum: General
Topic: A (hopefully) quick firewall question
Replies: 1
Views: 147

A (hopefully) quick firewall question

I asked a week ago about trying to let through some scans for PCI compliance. Someone suggested I do a catch all rule to see if it was being dropped. Since I had firewall rules up already, I just put logging on the rules I saw traffic in and low and behold I found which rule was dropping the traffic...
by Nazralte
Fri Mar 08, 2019 10:34 pm
Forum: General
Topic: Viewing network traffic question
Replies: 7
Views: 559

Re: Viewing network traffic question

OK, after getting a scan done today while running packet sniffer I saw two things. First, under packets, I did see traffic from the PCI scan. It shows up multiple times because it tries multiple ports, but they are trying to go to the correct destination IP address. Second thing is I looked at conne...
by Nazralte
Fri Mar 08, 2019 9:09 pm
Forum: General
Topic: Viewing network traffic question
Replies: 7
Views: 559

Re: Viewing network traffic question

Yes Van9018, that is correct. The part of the scan is failing because it says it can't reach the PC. We use a PC for payment and such, not a terminal like you would see at a gas station. Sooo, right now I am trying to make sure that based on the IP addresses the company gave me I can allow that traf...
by Nazralte
Thu Mar 07, 2019 7:00 pm
Forum: General
Topic: Viewing network traffic question
Replies: 7
Views: 559

Re: Viewing network traffic question

Just to be clear, since now I have seen the traffic from the PCI scan, if I look at the connections and that IP address from the PCI scan is not there, it is being blocked by the firewall? The only thing I have tried so far is just going into the firewall rules and did a simple chain forward, action...
by Nazralte
Wed Feb 27, 2019 10:10 pm
Forum: General
Topic: Viewing network traffic question
Replies: 7
Views: 559

Viewing network traffic question

Since we are a vendor of sorts, we require our PC to be scanned by a PCI compliance company. For some reason the scan keeps failing and I am not sure why. They gave me a couple of IP addresses that the scan will originate from. So my question revolves around the best way to view traffic on the route...
by Nazralte
Mon Jun 18, 2018 6:59 pm
Forum: Beginner Basics
Topic: How to route 3 networks to 3 Static IPs using 1 WAN
Replies: 15
Views: 1229

Re: How to route 3 networks to 3 Static IPs using 1 WAN

Ya know...I exported the config and as I was looking through it I noticed that the NAT rule I am currently using didn't have the routing mark. Once I put that in, I disabled the masquerade, and all is good. Simple little oversight I guess. I also just used the firewall rules Squeeze posted. That see...
by Nazralte
Mon Jun 18, 2018 4:10 pm
Forum: Beginner Basics
Topic: How to route 3 networks to 3 Static IPs using 1 WAN
Replies: 15
Views: 1229

Re: How to route 3 networks to 3 Static IPs using 1 WAN

OK, that seems to work for the routing marks. I can see the packets going through on the mangle screen. One thing I don't understand, and it may still be a config issue, but why do I still need to have the NAT rule add action=masquerade chain=srcnat out-interface=ether1_WAN ? If I don't have this en...
by Nazralte
Thu Jun 14, 2018 9:23 pm
Forum: Beginner Basics
Topic: How to route 3 networks to 3 Static IPs using 1 WAN
Replies: 15
Views: 1229

Re: How to route 3 networks to 3 Static IPs using 1 WAN

I did change the static IP address of course, but it should still accurately reflect what I have going on right now. Also, just a FYI, I only put in the two mangle rules at the moment because I am only using two ports ( 3 and 5 ). When I get these two working as they should, I will put in the other ...
by Nazralte
Thu Jun 14, 2018 6:16 pm
Forum: Beginner Basics
Topic: How to route 3 networks to 3 Static IPs using 1 WAN
Replies: 15
Views: 1229

Re: How to route 3 networks to 3 Static IPs using 1 WAN

As I've been playing with the router this week, looking over the firewall info, I've noticed that I don't think the setup I am wanting is working using the information above. I am having to use the sorta default masquerade NAT with the Wan out interface. If I disable that, then I have no route to th...
by Nazralte
Tue Jun 12, 2018 9:55 pm
Forum: Beginner Basics
Topic: Basic firewall setup (going off wiki post)
Replies: 8
Views: 4062

Re: Basic firewall setup (going off wiki post)

Its not scary people, its random people. You never know what people may try to do cause they are trying to be malicious or they are just dumb. Just so I am clear and so I don't lock myself out.. Under the User list, it has the default admin (of which I have changed the name and password) and when yo...
by Nazralte
Tue Jun 12, 2018 5:29 pm
Forum: Beginner Basics
Topic: Basic firewall setup (going off wiki post)
Replies: 8
Views: 4062

Re: Basic firewall setup (going off wiki post)

Thanks all. One last thing. I would like to make it so only by plugging into port 5 can you access the admin functions of the router. So that way people like random guests, can't get to the webgui just by guessing at the right IP address or something. I remember seeing something about that on that o...
by Nazralte
Mon Jun 11, 2018 4:10 pm
Forum: Beginner Basics
Topic: Basic firewall setup (going off wiki post)
Replies: 8
Views: 4062

Basic firewall setup (going off wiki post)

Hello again, First off, thank you to Anav again for helping me get my router going. Today I just need to get the firewall going, and I believe I should be good to go. Now, as I stated in my last post, I have 3 networks. Two of those networks will have another router (one router is a home Linksys rou...
by Nazralte
Thu Jun 07, 2018 7:32 pm
Forum: Beginner Basics
Topic: How to route 3 networks to 3 Static IPs using 1 WAN
Replies: 15
Views: 1229

Re: How to route 3 networks to 3 Static IPs using 1 WAN

Last thing. On your NATs, I dropped the In Interface, and it seems to be working. So its just add chain=srcnat action=srcnat to-addresses=10.10.10.2

If that is OK with the rest of what you have set up there.
by Nazralte
Thu Jun 07, 2018 6:26 pm
Forum: Beginner Basics
Topic: How to route 3 networks to 3 Static IPs using 1 WAN
Replies: 15
Views: 1229

Re: How to route 3 networks to 3 Static IPs using 1 WAN

Thank you, this is a very helpful start. I've been reading and such the past day or so and I figured the main issue is the firewall Mangle and NAT. Your layout is correct by the way, and let me clear up just a couple of small things. Each network will have it's own router, so there shouldn't be a ne...
by Nazralte
Thu Jun 07, 2018 4:14 pm
Forum: Beginner Basics
Topic: How to route 3 networks to 3 Static IPs using 1 WAN
Replies: 15
Views: 1229

How to route 3 networks to 3 Static IPs using 1 WAN

Hello, The basic set up is this. Three separate networks, each of these will be plugged into a separate port. We have 5 static IPs from our ISP using the same gateway. Each of these three network will use one of the static IPs going out the same WAN port. (I was going to use a cheap managed switch t...
by Nazralte
Wed Jun 06, 2018 7:21 pm
Forum: Beginner Basics
Topic: Can ping gateway but nothing beyond
Replies: 2
Views: 349

Re: Can ping gateway but nothing beyond

I managed to find the problem by the time this was posted. My small mistake was when I put in the default gateway under route, i put 0.0.0.0 instead of 0.0.0.0/0 That final /0 for the netmask was apparently the problem. Not I am on to trying to figure out VLANs between the router and a TP Link switc...
by Nazralte
Wed Jun 06, 2018 4:03 pm
Forum: Beginner Basics
Topic: Can ping gateway but nothing beyond
Replies: 2
Views: 349

Can ping gateway but nothing beyond

Hello all, I've watched some videos and read the initial config document and while it really seems like I have set this up correctly, I just can't get past the gateway. Quick backstory is that this is for a business and we just had fiber installed. They put in what they call an ONT (which is sorta a...