Need HELP with Red Hat Linux firewall

Discussion in 'Linux Networking' started by Aleksandr Zingorenko, Jul 11, 2003.

  1. I am having a problem with a firewall that is simply too strict.
    Specifically, I am trying to configure an iptables firewall on Red Hat Linux
    9 that protects the servers on our Windows 2000 network from hacker/cracker
    attacks. So far, I have 2 Win2k machines behind this firewall, and each of
    them has a private IP address. In addition, I configured the firewall to
    use DNAT to map valid IP addresses to private ones for those two machines.
    As a result, each machine can connect to the Internet and reach (ping) any
    other machine on our network, behind the firewall or not. However, whenever
    any machine NOT behind the firewall tries to reach any of these 2 machines,
    it fails (the farthest a successful ping can go at this point is the
    firewall's external interface) even though the policy of every chain in
    every table is ACCEPT and only SNAT and DNAT rules are specified. Can
    anyone tell me how I could fix this problem? I realize that a firewall
    should keep "outsiders" out, but we have servers that we want to protect
    from malicious code and yet allow employees in our department limited access
    to them.
     
    Aleksandr Zingorenko, Jul 11, 2003
    #1
    1. Advertisements

  2. Aleksandr Zingorenko

    /dev/alex Guest

    For example, name one service you would like...

    Also, looked into Frees/WAN IPsec VPN? or PoPToP PPTP vpn?

    -a
     
    /dev/alex, Jul 11, 2003
    #2
    1. Advertisements

  3. Couldn't one list the services they can use with their IP addresses
    in /etc/hosts.allow ?
     
    Timothy Murphy, Jul 11, 2003
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.