Hi,
I'm trying to set up Astaro Secure Linux. Some things work, but the most relevant - accessing the Internet from internal hosts - doesn't.
Setup:
1. Internal network 192.168.50.x (uses eth0)
2. DMZ with official IP addresses (uses eth2)
3. external static IP address on eth1, using DSL
4. ping and access between internal and DMZ works
5. ping from WebAdmin-Interface of ASL to external systems and all internal systems works
6. Up2Date works (ASL is up-to-date)
7. Defined networks: DMZ w/ address, network, broadcast; Internal w/ address, network, broadcast; external w/ address
8. Additionally defined two hosts (DNS-Server in internal network, Web-Server in DMZ)
9. Interface configuration:
- Internal on eth0, IP/subnet set, Gateway none
- External on eth1, IP set, subnet shows ???.???.???.???, Gateway is filled automatically (assigned remotely)
- DMZ on eth2, IP/subnet set, Gateway none
- Routing: no changes to standard settings
- NAT/Masquerading: Masquerading defined
(a) InternalDMZMasquerading Internal (Network) -> All/All MASQ_DMZ None
(b) InternalMasquerading Internal (Network) -> All/All MASQ_External None
- Packet filter rules: Some defined
(a) Internal Network w/ http and https to Any allowed
(b) Internal Network DNS-Server w/DNS to Any allowed
(c) POP3, IMAP from Internal Network to Any allowed
(d) tracert and ping-request from Internal Network to Any allowed
- ICMP/tracert/ping settings all active (I'll change this back ;-) )
- Proxies all disabled, but external DNS adresses set
- My internal DNS server in the internal network is configured with forwarding
- when I check the live log and try to access a web-site it shows many dropped DNS packets even while I have an (activated) rule which allows the DNS server to access "Any"
What might be wrong??? I don't have any idea.
Thanks in advance for any advice,
Planlos1234
This thread was automatically locked due to age.
