Ubuntu Networking :: Setting Up Network Firewall Using A Netgear DG834G Router
Jan 12, 2011
could set up a firewall on my Linux machine? I have is to connect my router wired to the Linux machine and then from the Linux machine to my main computer, and obviously routing the internet connection through the Linux box as a firewall. I use a Netgear DG834G router.
I want to set up a Linux box as a wireless router to replace our existing Netgear WNR1000 router, as I believe the Netgear does not support the coming IPv6 protocol. Unfortunately, it is not flashable with OpenWRT or DD-WRT presently.
As we have Comcast, our cable modem acts as a dumb modem according to the customer support guy I talked to, and our router is the one that asks for the IP address from DHCP. Thus, when Comcast switches over to IPv6, I don't believe my existing router would work, correct?
My idea is to take a Linux box and put two NICs and a wireless adapter in it, using IPCop or Smoothwall to set up a router. I could then enable IPv6 support for when we have IPv6 with Comcast. Is that possible? Would there be a way to get BIND to hand out private IP addresses in the same subnet on both the LAN NIC and the wireless card?
post the "perfect" tutorial for setting up a router and firewall for Ubuntu 10.10 Server 64-bit? I'm kind of a n00b when it comes to Linux, so I get really confused with some things. I have seen things on the Ubuntu wiki about this... but it really confuses me.
I'm trying to set up my Ubuntu sys as a router and firewall... Internet -> Ubuntu (Router) -> Switch (no DHCP on it) -> Computers. I've already set up bind and dhcp3 and got those working perfectly... I've also set up Squid3 and Dansguardian for content filtering (blocking ads and such) and got them working too... I want to set it all up to be transparent, and allow the system itself to function as a powerful firewall router, giving absolutely NO issues to client computers connected, and no speed reduction at all.... I want to set up the firewall to allow all outgoing connections, but block everything incoming (stealth the network)... Forcing all http/s traffic to pass through Dansguardian, then to Squid...
But I am very confused on how to pull this off... The system is running Ubuntu 10.10 Server 64-bit, with 4 GB of RAM, 320 GB SSD, and two 1Gb NIC cards... Sorry if I'm not very clear, I do speak English perfectly, but just kinda new to the "Linux world". I was using SONICWALL but that's getting a little too costly to my network and wanna do a free alternative... Something completely CUSTOM, not using some network security distro.
I have a client that has a basic network that uses Comcast cable. He bought a NETGEAR N300 wireless router which has a 192.168.3.X network and he attempted to add it to his 10.10.10.X network and all is fine. His laptops and such can get to the internet fine. The issue is he cannot get to any of his devices on his 10.X network. I have looked at his Comcast router, which is controlling his 10.X network, to see if I can add additional routing to his 192.X network, but didn't see anything. I also am not too familiar with the N300 wireless router. I was going to have the wireless DHCP turned off and somehow get it to pull the DHCP stuff from the Comcast side but don't see any area to do this.
So what I want to do is set up a gateway (or router, idk what Ubuntu refers to it as). So my setup would be Modem>Server>Switch>Router. I know that I need to set it up as a DHCP server as well. I would also like to set it up as a firewall too. I already have two Gbit cards that are already configured. So how do I do this? I already tried one tutorial, but it was old and was for Debian. I also installed ebox, but I couldn't figure that out either.
I installed Ubuntu 9.10 Netbook Remix on my Acer Aspire One D250 computer. The Broadcom wireless NIC succeeds in connecting to the network but only if I remove the WPA-PSK security in the Netgear router settings. What do I need to change in order to be able to secure my network?
I cannot connect to the internet. I just installed Fedora 12 w/ the Live CD and I have a Linksys WMP54G Wireless Card (v4.1 I believe) and it apparently installed fine upon install of Fedora. It will not, though, connect to the internet. It reads my connection (NETGEAR-2.4-G); my router is a Netgear WNDR3300. It worked perfectly fine on Windows XP. Like I said, it picks up my wireless connection. But when I go to connect it attempts to connect for like a minute or two then goes back to not connected.
I have a Netgear DG834 ADSL router (v3) which I have used for a couple of years. Prior to that I had a v2 of the same router, but upgraded for the one that supports ADSL 2+ (here in the UK).
Recently I have been having problems with the connection often being dropped, and when I access 192.168.0.1 for the router admin page, when it is not working I get no IP address listed for that of the ISP's server, and sometimes as well the upstream and downstream speeds are listed as 0 kbps.
Usually this was resolved by rebooting the router.
However, for the last couple of days, when using Ubuntu 9.04, the page of the router at 192.168.0.1 will not load. I have tried numerous different browsers, and none of them will give the router admin page.
When I tried booting from a live CD of Fedora 13, the router admin page came up just fine, no problems (although still not getting a proper connection to the Internet).
I was going to try to use the older router I had, but so far, as I cannot access the router admin page in Ubuntu, I have not done so (not had the time, and now I am at work posting this).
So there must be a problem in Ubuntu that is preventing it showing the router's admin page. The Network connection details show that the router has given the PC an IP address of 192.168.0.6 and the DNS servers are listed, so I know that Ubuntu is talking to the router, but it is not allowing me to access its settings in any way.
Running Ubuntu 10.10 on a Toshiba laptop. Recently the wireless Internet stopped working from our Netgear router. It still works for the Lenovo laptop and eMachines desktop using the router, but this laptop will not work wirelessly. Internet cuts in and out on this laptop when on wireless when it didn't previously do so. It reads a connection but will not load up web pages unless hard wired in with an ethernet cord.
For my broadband Internet I have several computers connected by cable to a Netgear DG834Gv5 router which has its own firewall. I have the wireless turned off by choice. My desktop and laptop are Linux only (Ubuntu Lucid Lynx). I use the same username and password (very strong password) on both. What I want to know is can I set things up so I can browse and copy files between the computers using say Nautilus on either computer? If not Nautilus then I would be happy to be able to do the same via a terminal window. I am not necessarily wanting to be told how but either what to Google for or where to find it.
switched recently to 11.2 and it works fine for me as a workstation. I want to set up a router separating a part of the network and also acting as a firewall/proxy... Configured 2 Ethernet interfaces, checked IP forwarding in YaST but it does not forward the packets from the "internal" to the "external" network. However, after I set up my router as default for machines on the internal network I can ping the external interface but no address on the external network (particularly the one of the default router)! From the router I can reach both networks and the net via the default gateway on external. Tried to:
a) switch firewall completely off
b) iptables -P FORWARD ACCEPT
c) masquerading internal addresses to the external network
my interfaces configuration looks like:
eth0  Link encap:Ethernet  HWaddr 00:13:D4:E3:A2:7B
      inet addr:192.168.1.34  Bcast:192.168.1.255  Mask:255.255.255.0
      inet6 addr: fe80::213:d4ff:fee3:a27b/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
I have internet access through 3G/4G USB dongle direct into my Ubuntu 10.04 box. Works great! Now I would like to share this connection out through my Netgear WGR614 wireless (and wired) router. Any clues? I've tried the simple (GUI) instructions using Network Manager, but just can't seem to get it right. Previously, I had DSL and this plugged nicely into the WGR614 and internet and ethernet access was had by all. Now, I'm a bit confused on how to get the sharing (ethernet and wireless) between my Ubuntu box and the wired/wireless network while at the same time getting Internet access to all through the Ubuntu box.
I have seen tutorials on setting up a secured firewall/router/gateway using ubuntu server as the platform. However, I am wondering if anyone has had experience with using an aircard (wireless broadband card via usb) to set up a router.
Which card do you recommend? Any precautions? Any specific code already written to automatically recognize mobile broadband cards and restart the connection if it goes stale?
On my laptop (HPDV7), using DHCP for network access, KDE4.
I use Network Manager to manage wired and wireless connectivity.
I also have Samba server running for connectivity to Windows machines.
My router runs DD-WRT.
How do I tell this HPDV7 system to propagate a Host Name up to the router?
In the DD-WRT status screen, I see Host Name as "*" associated with the assigned IP address.
I cannot, for example, ping my HPDV7 machine from my windows machine, I assume because the router (also providing DNS for my network) does not provide the name to address translation.
I CAN ping the IP address directly, and Samba connectivity from the Windows machine to HPDV7 works.
I am looking for a solution for our LAN traffic monitoring and would like to use some opensource linux application. I have a linux box with two NIC cards and what I thought is the following: Our setup is as follows. Internet comes in through the router and into the firewall. From the firewall it goes into our switch and distributed among the workstations. I have no access to the router or the firewall as they are centrally configured. I would like to place a device into the loop through which I could monitor the LAN traffic.
Can I put a linux box between the firewall and the switch and have all packets going through registered and logged? I have a proxy server (non transparent) and that captures some but not all. I would like to get all packets registered without interfering with the LAN etc.
I am trying to do my graduation project; it's labeled under "linux secure router", and I should build a Linux-based router equipped with firewall and ACL management... Some people advise me to use the Linux Ubuntu distribution to do this. I try to do that but I don't know where to start from.
I'm mentoring my local high school's IT club as they prepare to participate in a cyberdefense competition (see IT Olympics). Generally we are given four boxes and need to set up a network that provides certain services (which services change from year to year, but usually include a web server, email server, FTP server, and an application server of some sort) and support client PCs that connect from the WAN. The red team then tries to break into our network to steal "flags" from our servers and to set their own "flags" on our servers.
Generally we set up the firewall with two network interface cards (one to the WAN and one to our LAN), and connect the LAN NIC to a router, which then connects to the other three boxes. But we do have the option of installing additional NICs in the firewall and configuring it as a router. I can't shake the feeling that there is a security advantage to such a configuration, but I can't say what that advantage is. Perhaps something with configuring iptables on the internal boxes to accept connections only from the firewall's NIC, and then only for the services we want that box to support (to prevent an intruder from connecting directly from one box to another)?
I am trying to make a VNC connection from PC #2 to PC #1. PC #1 is a Debian PC behind a Zyxel router (P-2602HW-D1A). PC #2 is a Windows XP PC at another place on the internet. I have configured the Zyxel router to forward incoming traffic on port 5902 to the local IP address of the Debian box. The Debian box is running a VNC server, listening on port 5902. But it doesn't work. I have tried to scan the Zyxel router's IP address on port 5902 from the internet, but the scanner says that the port is closed. The VNC server on PC #1 is working fine on the local network. I can connect to the server from a PC on the same side of the Zyxel router. Is it definitely a router problem, or could it have something to do with Debian's own firewall?
I have installed Ubuntu 10.04 Server on an older desktop with the intent of making it into a firewall box. What I would like to do is hook one NIC into the modem, and the other NIC into my router. I'm not sure if I want to set up the 2 NICs as bridged.
I have managed to set up ndiswrapper and am able to see my wireless network but cannot connect to it.
I am using NDISWRAPPER and a Netgear WNDA3100 driver (I think this is Atheros-based) to connect through a Netgear WN111 USB Wireless dongle to my existing wireless network. I am running 9.04 on a Fujitsu-Siemens laptop.
I am aware that the WNDA 3100 driver is not the intended driver for my WN111 dongle, but it is the only driver that showed "hardware present" when loaded. All others (I tried perhaps 5 or 6) showed driver installed but no info about hardware.
When I try to connect to the network it tries for a while, occasionally prompting me for the passphrase, and then eventually stops.
I would like some help figuring out what else I need to do. I feel I am nearly at the solution. My guesses are as follows (for what they're worth):
1. Could it be something to do with the WPA security?
2. Could it be something to do with this, output from dmesg?
Quote:
[ 20.737363] ADDRCONF(NETDEV_UP): wlan1: link is not ready
3. Could I need to set some further parameters in the network manager?
I want to lock down my server to allow only certain IP addresses and ports in. I was thinking of doing this through iptables but someone suggested I use the hosts.allow and deny files to allow who can access the system. What do people suggest? If I'm trying to ensure no IPs can access my system except the ones I want, how would I do this with just the allow and deny files?
I'm having trouble getting my network set up the way that I want it/had it. You see, when I first set up my network, I just had my cable modem going directly to my standard wired router (a D-Link DI-604), which had DHCP, and was connected to all of the computers on my network. I had one switch hooked up to one of the ports of the router, but this was a regular switch, and it would not try to assign IP addresses, it would just pass through the DHCP info as I wanted.
Now however, my network setup has changed. My room mate and I both got laptops, and we decided that we wanted to have wireless access so we didn't have to constantly plug in to the router.
Now my network is set up like this: The modem is hooked up to the router(DI-604), which is hooked up on the LAN side to our computers, our switch (which is hooked up to 3 more computers), and to a wireless router card (A Gigabyte GN-BC01).
The wireless router card has two jacks for ethernet. One for WAN, and one for LAN. The LAN side we have plugged only into the computer in which the card is installed.
Now the problem is this: The wireless router card comes with DHCP by default, and it's assigning addresses to the laptops and to the computer that it's in, and worse, the IP addresses are on a different subnet than that of the main D-Link router. The main (D-Link) router assigns addresses from 192.168.0.1 (itself) to 192.168.0.254, while the wireless router card assigns addresses from 192.168.1.1 to 192.168.1.254 (itself).
Because of this, I cannot access services on the wireless network from my wired network or vice versa. The first thing I tried was setting the card to assign addresses from 192.168.0.12 to 192.168.0.253, however it just said "internal error" when I tried to do this. I decided that this may be because it sees that it was being assigned an address on its WAN side on the same subnet. So the next thing I tried was disabling DHCP and setting the "LAN IP Address" to 192.168.0.12, hoping that the DHCP would just go through the card, like a switch. I would have set the LAN IP address to be assigned by DHCP, but this was not an option, so I decided that'd be the best thing to set it to.
Once again however, setting the LAN IP address to an address on the same subnet as that of the IP assigned to its WAN side caused it to report an "internal error". I verified that this was the issue by setting the LAN address to several other private IP addresses to test (i.e. 10.0.0.1, 192.168.3.1, 192.168.5.12).
My question then really is: How do I set up both routers so that I can access services and computers from each network from the other network? Should I set them with different subnets and set the gateway on the wireless network to the main router? To the wireless router card? Should I put them on the same subnet? Will it know how to communicate?
Here is a link to (picture) my network diagram. Network Diagram
I use Ubuntu 9.04 Jaunty Jackalope. I have been trying to configure a NETGEAR DGN1000 modem router. My manual says that to access the modem for configuration, I should "Type URL... in the address field of [my] browser, and then click Enter." My browser, though, does not seem to find any such page and so I cannot continue the configuration. Btw, we had no problem configuring another computer in the house running on Windows Vista, so it looks like the cables are all in place, the modem and the line are ok.
I was just wondering because it has not yet become a problem. How would I access my Netgear MR314 router when I don't use Internet Explorer anymore? I used to access the software and make changes in port forwarding and even turn on/off wireless.