I have two 3750s joined together with a StackWise cable. I have a connection between a physical port on one of the 3750s and a gateway router. Last week one of the 3750s failed due to power issues, which caused me to lose connectivity to the gateway router. I am looking at using either weighted static routes :( or VRRP :) to create redundancy between these 3 network elements. I have read that I can use VRRP for master and backup interfaces on the same node, instead of master and backup routers? If so, can anyone help me with this solution, as I have no lab to test this.
Zen Master's questions
I have a working configuration, but a question is bugging me.
The question centers around having multiple subnets on a single
interface.
LAN: 10.10.10.1/24
OpenVPN Server LAN IP: 10.10.10.250
OpenVPN Server virtual subnet: 10.11.10.0/24
LAN Static Route: (NET) 10.11.10.0/24 (GW) 10.10.10.250
With the Advanced option "Bypass firewall rules for traffic on the
same interface" checked, everything works as expected.
But if I uncheck "Bypass firewall rules...", and start a UDP or TCP
session from the 10.11.10.0 net to the 10.10.10.0 net, the forward
path works, but the return path is blocked in m0n0wall. Even with
LAN Firewall Rules:
"Pass" any LAN-subnet to any/any
"Pass" any OpenVPN-subnet to any/any
The return (destination 10.11.10.XX) is always blocked in m0n0wall
(per firewall logging).
I am quite satisfied keeping "Bypass firewall rules..." checked, but
I want to understand why m0n0wall is dropping LAN subnet1 to LAN
subnet2 traffic in the firewall.
I've seen this same exact question posed multiple times elsewhere but never any sort of response. Hoping you guys can help.
Thanks in advance.
I recently purchased a server to run m0n0wall or pfSense but I've learned since then that both of these firewall products are based on versions of FreeBSD which weren't yet compatible with the NICs in my new server.
The SuperMicro server that I purchased has dual Intel 82574L Gigabit LAN NICs, and I'd like to find a way to install some sort of firewall on them which will ease firewall management via the use of a GUI.
I know I could simply use pf but since we'd like to have a GUI front end, what are our options? Do I need to return this server and find a vendor that sells older hardware which will be compatible or can I make this hardware work somehow?