Noob given firewall challenge



  • Firewalls are not my thing, but I have been tasked with setting up one…

    I’ve looked for a step by step setup guide but cannot find any that give detailed instructions on how to just configure the thing so it has connectivity.

    The network setup is…

    ISP----Router-----Firewall------Hosts

    With no more than 100 hosts behind the firewall.

    The router is configured with an IP addy of xxx.xxx.xxx.93    255.255.255.252
    I’ve connected a host to it with the IP address of xxx.xxx.xxx.94 (given to me by my ISP) and I get connectivity.

    The firewall interface eth0/3 (untrusted)  is configured with the IP xxx.xxx.xxx.94
    Firewall interface eth0/0 (trusted) is configured with 10.10.1.1 255.255.255.0
    Firewall interface eth0/1 (DMZ) is configured with 10.10.2.1 255.255.255.0

    All interfaces are pingable from the CLI screens (both router and firewall). I can ping from the firewall to the router and from the router to the firewall.

    I’ve got NAT turned on, on the “trusted” and “dmz” interfaces and configured default static routes.

    However, when I attach a host to eth0/0 and assign an IP address of 10.10.1.20 to it (within the subnet), I can ping the gateway of 10.10.1.1, but that’s the only level of connectivity I get.

    I’m wondering if there’s a command that allows traffic to flow within the firewall (between zones) that I haven’t discovered yet.

    Just a basic step by step guide that allows a host to talk to the firewall and the firewall to talk to the router would be great.

    Thank you in advance for your assistance.



  • Never mind.

    I found the command I was looking for.


 
