BFW Firewall & Router

[dingoland]

Hi all,

I need your help for linking 2 BFW.
I expose my config:
- 2 separate BFW (not physically linked)
- 2 ISP (1 for each BFW)
- 2 local network not linked (192.168.1.x and 192.168.0.x), 1 for each BFW.

I need to connect the two BFW together to access a server on the other lan network.
- accessing 192.168.1.x network to 192.168.0.x network, (http and/or folder share)
- but 192.168.0.x to 192.168.1.x should be blocked (no access at all)

I have the 2 BFW in my office so i can add wire or network card if needed.
If too complicated, an http access to server on the other local network would be useful too.
Thanks for your help.

Regards
Greg

[ghost]

see if this can help you...

viewtopic.php?f=38&t=62479

viewtopic.php?f=38&t=62480

[dingoland]

Thank you for your answer and happy new year

But it is a VPN configuration
I need to connect directly 2 bfw boxes as they are in the same room, so i think about hardware connect as this don't consume bandwith.
I can open bfw boxes to add hardware or install plugins without problem.
If someone has another idea..... Bob where are you ?

Regards
Greg

[gamba47]

Maybe you can create a second wan on both BrazilFW and use OpenVPN trought a switch.


is only an idea i really don´t try this.


Best regards. gamba47

[dingoland]

The idea is not so bad

But i think maybe about a second LAN on each box linked by a third network card to stay in the local network and don't use a VPN or WAN connection.
I don't know if it is possible but it will be the perfect solution i'm searching.

Regards
Greg

[gamba47]

Both are good idea´s.


Try and post the results please.


gamba47

[ck_kent]

Hi Greg,

Any news about this? I'm also interested in the second lan setup.

[dingoland]

Hi,

Not yet cause i need to shutdown our BFW and it is our main internet proxy (at work office) so it is not easy to find an interval where i can do it
I think about it and i will change the solution :
i will add a network card on the first BFW with the same subnet mask and ip network of the second BFW connected to the switch of the second BFW.
It is easier cause i have to add only 1 card on the first BFW and not on the second
After some routes rules, i think it will work

Regards

[dingoland]

Hi,

To resume my configuration :
2 BFWs , one for each network and each its internet connection. Both BFW are in the same room.

ISP1--BFW1 (192.168.1.2) for the local network of the office (eth0) -- PC1--PC2.....PCx.
BFW1 (192.168.0.2) second lan card
|(eth2)
ISP2--BFW2 (192.168.0.1) for the test network of the office. (separated physically)

From the BFW1 diagnostic tools ping page, i can ping every machine on the BFW2 network without problem.

But PCs from BFW1 local network cannot ping or reach ips of the BFW2 network.
I have a static route 192.168.0.0/24 eth2 (to say that BFW2 network is connected to eth2 of BFW1).
I added a lot of static routes without success. I cannot reach or ping BFW2 machines from BFW1 network.

Any idea please ?
Regards

[gamba47]

I never try with a conf like that.

Did you try with OpenVPN ?

Addon viewtopic.php?f=74&t=59833
Tutorial LAN2LAN http://www.brazilfw.com.br/users/juanil ... n_l2l.html


Best regards.

gamba47

[annsshine]

First of all u have to check the default ports of both BFW and configure the system.

[dingoland]

Hi,

Yes i know openvpn, i already use it to connect from home to the bfw1 in the office.
But this solution is not the better for what i want and this solution consume some bandwith.
I will prefer use the ethernet cable to do that as it doesn't consume any bandwith or almost.
I just need help to create some statics routes to be able to reach the other LAN.

Im not an expert of routing in BFW and linux and general, so if someone is an expert of routing in linux, some help will be appreciated.

Saludos

[dingoland]

Hi,

First of all u have to check the default ports of both BFW and configure the system.

What do you mean by this sentence ?
Can you precise me ports to open please ?
Thanks

Regards