IPCOP Question

Discussion in 'Computer Security' started by simongrahamuk, Nov 6, 2006.

  1. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    A question for those of you who have used IPCOP.

    I'm playing around with this with a view to implementing it at work, and whilst I can get it to work hapilly at home on an ADSL line using a simple RED and GREEN NIC setup I have a problem at work.

    The problem is that our Internet connection goes through a Router / Firewall / Webfilter that I have no control over, when it went in it basically got assigned an internal IP address. Now, Its IP Address is on the same network as the rest of the internal LAN, but I obviously want to stick the IPCOP box between it and our LAN, just so that I can do some monitoring of my own.

    So, is it possible to set IPCOP's RED and GREEN interfaces to be on the same network? or am I going to have to get the ISP to give my 'Magic Box' as they so nicely call it, a new 'internal address' on a different subnet?

    Any suggestions are appreciated.

    8)
     
  2. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    can you re-configure the ip address, rather than have one that was assigned to you.

    what are you using ipcop for is because you have bad packets?:blink
     
    Certifications: Comptia A+
    WIP: Comptia N+
  3. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Simon - did you use the probe to detect your nic card?


    did the screen show this:-


    If you are using a modem, on the Network Configuration page, with GREEN (RED is modem/ISDN) highlighted.
     
    Certifications: Comptia A+
    WIP: Comptia N+
  4. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    No, unfortunately not without asking the ISP to do it for me, and since I only want to test the solution I don't want them involved at this stage.

    It will be used with a few addons for webfiltering and as a cache so that I don't have to rely on the LEA. Also I may want to set up a DMZ for webservers.
     
  5. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    Yes, I have disabled the ISDN elemet of it. Both the Red and the Green NICs were discovered.
     
  6. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    I seem to remember when i set up this you had to unassigned nic to red the configure the red interface for the DHCP IP address.

    Oh No! the boss as just walked back into the office:oops:

    I catch up with you later.
     
    Certifications: Comptia A+
    WIP: Comptia N+
  7. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    What about port forwarding page?

    IP source & network box:blink

    This is the field that controls external access - if you leave it BLANK, your port forward will be open to ALL INTERNET ADDRESSES. Alternatively if you put an address or network in there, it will be restricted to that network or internet address.
    :biggrin


    Once this is setup in port forwarding you can have more than one external address. If you wish to add another external address, click the green cross next to the entry, the entry screen at the top of the page will change (it will load values from the port forward) and allow you to enter an external ip address or network.
     
    Certifications: Comptia A+
    WIP: Comptia N+
  8. The_Geek

    The_Geek Megabyte Poster

    772
    13
    64
    Well I've only been using it since Friday when I got it up and running here at the house, simple red and green interfaces.
     
    Certifications: CompTIA and Micro$oft
    WIP: PDI+
  9. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    I haven't used it so all this red and green malarky is confusing but as it's a firewall, well it needs to be between your local network and the Internet gateway. One NIC is configured in a subnet which matches your Internet gateway (external) the other has an IP address which is in your (local) LAN subnet.

    If it's just being used as a caching/proxy server you can probably get away with one NIC.
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  10. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    Similar set up to Smoothwall.

    Red- WAN
    Green- LAN
    Orange- DMZ
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  11. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    Ah, traffic lights, how quaint :biggrin
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  12. zimbo
    Honorary Member

    zimbo Petabyte Poster

    5,215
    99
    181
    Certifications: B.Sc, MCDST & MCSA
    WIP: M.Sc - Computer Forensics
  13. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,897
    182
    221
    ROTFLMAO

    There speaks an ISA man
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  14. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    :twisted:
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.