I am trying to set up a SnapGear SME530 (an embedded Linux firewall)
as a router and firewall from an ADSL service (TPG) with a /30 network
address for the router external I/F, routing to a public class C
address space on the LAN side. This is shown below:

    Internet
       |
       |
       |
       ----ADSL ISP GW address
       |   220.x.y.149/30
       |
       |
       ----ADSL modem in bridge mode RFC1483
       |   admin I/F 203.a.b.253 (currently)
       |
       ----Router/FW (SnapGear SME530)
       +WAN Port-> 220.x.y.150/30 (Ext. Router Port )[*]
       +LAN Port-> 203.a.b.1/24 (Int. Router Port )
       |
       |
       |--------------------------------------
       |                  |                  |
    203.a.b.2        203.a.b.34             etc

From the SME530, I can ping WAN & LAN Interfaces, ISP gateway, any
internet address, LAN hosts.
From the LAN I can only ping the LAN gateway. Can ping other LAN
hosts.
From the Internet I can only ping the router/FW (SME530) WAN
interface.
What do I have to do to get the SME530 to pass traffic (TCP, UDP,
ICMP) from the Internet to servers on the LAN and vice versa?
I also need to set up firewall rules to restrict traffic to WWW, SMTP,
POP3 from the internet to specific hosts *only*.
Any config suggestions, esp. how-to would be greatly appreciated.
Regards & Thank You in advance.
Larry
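
Added example, not part of the original post and not SnapGear's own configuration: a generic Linux iptables rule set for the routed (no NAT) layout described above, with forwarding closed by default and only WWW, SMTP and POP3 opened to named hosts. Assumptions: the device exposes standard iptables, the interface names are hypothetical, and the addresses and host-to-service mapping are constructed (RFC 5737 documentation range standing in for the masked 203.a.b.0/24).

```shell
#!/bin/sh
# Emits an iptables-restore rule set for a routed firewall (public LAN, no NAT).
# Routing prerequisite (standard Linux): sysctl -w net.ipv4.ip_forward=1
# The ISP must also route the LAN /24 to the firewall's WAN address.

WAN_IF="eth1"              # assumption: WAN port interface name
LAN_IF="eth0"              # assumption: LAN port interface name
LAN_NET="203.0.113.0/24"   # constructed stand-in for the public LAN block

# Constructed inbound allowlist, one entry per host:proto:port.
SERVICES="203.0.113.2:tcp:80 203.0.113.34:tcp:25 203.0.113.34:tcp:110"

emit_rules() {
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"     # default deny for routed traffic
    echo ":OUTPUT ACCEPT [0:0]"

    # Traffic addressed to the firewall itself.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "-A INPUT -i $LAN_IF -s $LAN_NET -j ACCEPT"   # assumption: admin from LAN
    echo "-A INPUT -p icmp --icmp-type echo-request -j ACCEPT"

    # Replies and related ICMP errors for connections already permitted.
    echo "-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # LAN hosts may open connections outward; the source check drops spoofed packets.
    echo "-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT"

    # Inbound: only the listed services, only to the listed hosts.
    for svc in $SERVICES; do
        host=${svc%%:*}
        rest=${svc#*:}
        proto=${rest%%:*}
        port=${rest#*:}
        echo "-A FORWARD -i $WAN_IF -o $LAN_IF -p $proto -d $host --dport $port -m state --state NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Print the rule set for review; load it as root with: iptables-restore < file
emit_rules
```

Anything arriving on the WAN side that matches no allowlist entry falls through to the FORWARD chain's DROP policy.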