How To Configure A Vyatta 4.2.0 As A Ds Internet Connection Router/Gateway With A Web Server On A Dspv.Net 4.0.1 (Dspv) On A Network With A D




Open Informatics
An Information Technology Company
Visit us on the web at www.openinformatics.net

Tutorial Author: Zlatan Klebic
Send Feedback: zklebic@openinformatics.net

Configuring a Vyatta 4.0 release as a DSL internet connection router/gateway with basic port forwarding to an internal web server

Tutorial Introduction

- Configure the Vyatta router for DSL internet connection sharing
- Configure the Vyatta router to share the internet connection across other subnets in the LAN
- Configure the Vyatta router with NAT service for exposing a Web Server to the outside world

This tutorial introduces the configuration of Vyatta routers for sharing an available DSL connection using PPPoE (Point-to-Point Protocol over Ethernet), as well as sharing the DSL connection with other subnets in the LAN. Internet connection sharing with Vyatta routers provides good flexibility and scalability for small and medium size business or branch office environments, since it can cost-effectively allow the creation of additional subnets within the LAN that can access the internet.

Tutorial Requirements

This tutorial requires the following material for its successful completion:

- 3 available physical or virtual machines each containing at least two Ethernet network interfaces. Each machine should have a clean installation of Vyatta with all 3 Ethernet network interfaces detected.
- An available DSL internet connection for testing purposes.

Tutorial Notes

This tutorial assumes the reader is familiar with concepts of TCP/IP networking, network routing protocols and basic Vyatta commands. The tutorial has been written in order to demonstrate the ability of Vyatta to replace proprietary DSL routers, and to demonstrate a more flexible and reliable solution for implementing internet connection sharing for large LANs which consist of greater numbers of subnets. In most cases larger LANs require.

The given configuration and LAN topology have been tested within a virtual machine environment using VMware Server 2.0.

Tutorial

For reference, take a look at the simple network diagram below. The network consists of four network routers, the first being used as the internet connection sharing router/internet gateway. The rest of the routers behind the gateway do not have any other functionality but to route traffic across the subnets accordingly. The sample network topology consists of four subnets as follows:

- Subnet 1: 192.168.0.0
- Subnet 2: 192.168.5.0
- Subnet 3: 192.168.10.0
- Subnet 4: 192.168.15.0

All of the LAN subnets will be able to communicate with one another, as well as have full access to the internet.

Network diagram:

    Internet -- DSL Internet Link -- DSL Modem

    gateway.mynetwork.net    eth0 PPPoE              eth1 192.168.0.1/24
    LAN Subnet 1: 192.168.0.0/24
    router2.mynetwork.net    eth0 192.168.0.2/24     eth1 192.168.5.1/24
    LAN Subnet 2: 192.168.5.0/24
    router3.mynetwork.net    eth0 192.168.5.2/24     eth1 192.168.10.1/24
    LAN Subnet 3: 192.168.10.0/24
    router4.mynetwork.net    eth0 192.168.10.2/24    eth1 192.168.15.1/24
    LAN Subnet 4: 192.168.15.0/24
        Workstation A    192.168.15.44/24
        Web Server       192.168.15.10/24
        Workstation B    192.168.15.47/24

Configuring the 1st router as the internet gateway
gateway.mynetwork.net

Configure the router host name, domain name, gateway address and the name servers:

    set system host-name gateway
    set system domain-name mynetwork.net
    set system gateway-address 192.168.0.1
    set system name-server 4.2.2.1
    set system name-server 4.2.2.2

Configure the ethernet interfaces, using ethernet interface eth0 as the WAN interface, and the ethernet interface eth1 as the LAN interface as follows:

    set interfaces ethernet eth1 address 192.168.0.1/24
    set service ssh allow-root true
    set interfaces ethernet eth0 pppoe 1
    set interfaces ethernet eth0 pppoe 1 user-id <dsl_service_username>
    set interfaces ethernet eth0 pppoe 1 password <dsl_service_password>
    set interfaces ethernet eth0 pppoe 1 connect-on-demand
    show interfaces ethernet eth0 pppoe 1

Configure the NAT service rules in order to enable the translation of internal:

    set service nat rule 1 source address 192.168.0.0/24
    set service nat rule 1 outbound-interface pppoe1
    set service nat rule 1 type masquerade
    show service nat

Configure RIP (Routing Information Protocol) on the LAN ethernet interface eth1. The RIP table will be distributed every 60 seconds to the participating interfaces which also have RIP enabled.

    set protocols rip interface eth1
    set protocols rip redistribute connected
    set protocols rip timers update 60

Show the IP routing table in order to ensure RIP is functioning correctly.

    run show ip route

Configure the NAT rules for the rest of the LAN subnets which will be allowed internet access through the internet gateway router.

Configure NAT rule 2 for subnet 192.168.10.0:

    set service nat rule 2
    set service nat rule 2 outbound-interface pppoe1
    set service nat rule 2 source address 192.168.10.0/24
    set service nat rule 2 type masquerade
    show service nat rule 2

Configure NAT rule 3 for subnet 192.168.15.0:

    set service nat rule 3
    set service nat rule 3 outbound-interface pppoe1
    set service nat rule 3 source address 192.168.15.0/24
    set service nat rule 3 type masquerade
    show service nat rule 3

Configure NAT rule 4 for subnet 192.168.10.0:

    set service nat rule 4
    set service nat rule 4 outbound-interface pppoe1
    set service nat rule 4 source address 192.168.20.0/24
    set service nat rule 4 type masquerade
    show service nat rule 4
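A consistency check for the gateway's masquerade rules, added here as an example and not part of the original tutorial: it parses the `set service nat rule` commands as listed for rules 1 to 4 and compares their source subnets with the four LAN subnets of the topology. The names `parse_nat_rules`, `audit_masquerade`, `LAN_SUBNETS` and `GATEWAY_NAT` are made up for this example.

```python
import ipaddress
import re
# LAN subnets from the tutorial's topology (the diagram shows each as a /24).
LAN_SUBNETS = ["192.168.0.0/24", "192.168.5.0/24", "192.168.10.0/24", "192.168.15.0/24"]
# Gateway NAT commands as listed in the tutorial (rules 1 to 4).
GATEWAY_NAT = """\
set service nat rule 1 source address 192.168.0.0/24
set service nat rule 1 outbound-interface pppoe1
set service nat rule 1 type masquerade
set service nat rule 2
set service nat rule 2 outbound-interface pppoe1
set service nat rule 2 source address 192.168.10.0/24
set service nat rule 2 type masquerade
set service nat rule 3
set service nat rule 3 outbound-interface pppoe1
set service nat rule 3 source address 192.168.15.0/24
set service nat rule 3 type masquerade
set service nat rule 4
set service nat rule 4 outbound-interface pppoe1
set service nat rule 4 source address 192.168.20.0/24
set service nat rule 4 type masquerade
"""
RULE_RE = re.compile(r"^set service nat rule (\d+)(?: (.+))?$")

def parse_nat_rules(text):
    """Return {rule_id: {option: value}} from 'set service nat rule' lines."""
    rules = {}
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if m:
            opts = rules.setdefault(int(m.group(1)), {})
            if m.group(2):  # a bare 'rule N' line only creates the node
                key, _, value = m.group(2).rpartition(" ")
                opts[key] = value
    return rules

def audit_masquerade(rules, lan_subnets, wan_if="pppoe1"):
    """Return (LAN subnets with no masquerade rule, rules for unknown subnets)."""
    lans = [ipaddress.ip_network(s) for s in lan_subnets]
    srcs = {rid: ipaddress.ip_network(o.get("source address", "0.0.0.0/0"))
            for rid, o in rules.items()
            if o.get("type") == "masquerade" and o.get("outbound-interface") == wan_if}
    missing = [str(n) for n in lans if not any(n.subnet_of(s) for s in srcs.values())]
    unknown = [(rid, str(s)) for rid, s in sorted(srcs.items())
               if not any(n.subnet_of(s) or s.subnet_of(n) for n in lans)]
    return missing, unknown

if __name__ == "__main__":
    print(audit_masquerade(parse_nat_rules(GATEWAY_NAT), LAN_SUBNETS))
```

Run against the commands as listed, it reports 192.168.5.0/24 as having no masquerade rule and rule 4 (192.168.20.0/24) as a source subnet outside the topology, so check rule 4's source address against your own subnet plan before committing.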

Configuring the 2nd router
router2.mynetwork.net

Configure the router host name, domain name, gateway address and the name servers:

    set system host-name router2
    set system domain-name mynetwork.net
    set system name-server 4.2.2.1
    set system name-server 4.2.2.2
    set system gateway-address 192.168.0.1

Configure the LAN ethernet interfaces as follows:

    set interfaces ethernet eth0 address 192.168.0.2/24
    set interfaces ethernet eth1 address 192.168.5.1/24

Configure the SSH server to allow root logins:

    set service ssh allow-root true

Configure RIP (Routing Information Protocol) on the LAN ethernet interface eth1 and LAN ethernet interface eth0. The RIP table will be distributed every 60 seconds to the participating interfaces which also have RIP enabled.

    set protocols rip interface eth0
    set protocols rip interface eth1
    set protocols rip redistribute connected
    set protocols rip timers update 60

Display the routing table in order to ensure RIP is functioning correctly.

    run show ip route

Configuring the 3rd router
router3.mynetwork.net

Configure the router host name, domain name, gateway address and the name servers:

    set system host-name router3
    set system domain-name mynetwork.net
    set system name-server 4.2.2.1
    set system name-server 4.2.2.2
    set system gateway-address 192.168.5.1

Configure the LAN ethernet interfaces as follows:

    set interfaces ethernet eth0 address 192.168.5.2/24
    set interfaces ethernet eth1 address 192.168.10.1/24

Configure the SSH server to allow root logins:

    set service ssh allow-root true

Configure RIP (Routing Information Protocol) on the LAN ethernet interface eth1 and LAN ethernet interface eth0. The RIP table will be distributed every 60 seconds to the participating interfaces which also have RIP enabled.

    set protocols rip interface eth0
    set protocols rip interface eth1
    set protocols rip redistribute connected
    set protocols rip timers update 60

Display the routing table in order to ensure RIP is functioning correctly.

    run show ip route

Configuring the 4th router
router4.mynetwork.net

Configure the router host name, domain name, gateway address and the name servers:

    set system host-name router4
    set system domain-name mynetwork.net
    set system gateway-address 192.168.10.1
    set system name-server 4.2.2.1
    set system name-server 4.2.2.2

Configure the LAN ethernet interfaces as follows:

    set interfaces ethernet eth0 address 192.168.10.2/24
    set interfaces ethernet eth1 address 192.168.15.1/24

Configure RIP (Routing Information Protocol) on the LAN ethernet interface eth1 and LAN ethernet interface eth0. The RIP table will be distributed every 60 seconds to the participating interfaces which also have RIP enabled.

    set protocols rip interface eth0
    set protocols rip interface eth1
    set protocols rip redistribute connected
    set protocols rip timers update 60

Display the routing table in order to ensure RIP is functioning correctly.

    run show ip route

Configuring NAT service as port forwarding to an internal Web Server

To simplify the terms used in exposing the internal Web Server behind the internet gateway router to the outside world, we will refer to this NAT configuration as 'port forwarding'. This term is commonly used in the configuration of most Small-Office-Home-Office internet router devices. Refer to the simple network diagram to understand the location of the internal web server, which will be exposed to the outside world through the HTTP port 80.

Log in to the gateway router (192.168.0.1 gateway.mynetwork.net) and enter into the configuration mode:

Create a new NAT service rule with an ID of 300:

    set service nat rule 300

Configure the NAT rule destination port:

    set service nat rule 300 destination port 80

Configure the PPPoE interface as the inbound interface through which all outside requests pass:

    set service nat rule 300 inbound-interface pppoe1

Configure the address of the actual web server as the inside address:

    set service nat rule 300 inside-address address 192.168.15.10

Configure TCP as the protocol being used for port 80 as already defined in NAT rule 300:

    set service nat rule 300 protocol tcp

Configure the source address as 0.0.0.0/0, since our DSL connection utilizes a single public IP address dynamically assigned by the ISP:

    set service nat rule 300 source address 0.0.0.0/0

Configure rule 300 as a NAT rule of type destination:

    set service nat rule 300 type destination

Load the new configuration:

Test the given configuration to ensure the web server can be accessed from outside.

This concludes the tutorial. Open Informatics hopes IT professionals working in areas of computer networking will find this tutorial useful in their research and final deployment of Vyatta routers in IT environments. Any feedback on material published by Open Informatics is greatly appreciated.