Topic: Server & Gateway mode with one NIC

[Tom Carroll]

I may be way off base here, but I have a friends server at my location.  It is not needed for an internal network at all, or even as a gateway.  All it is need for is to host his own domain, without it being a virtual domain on the same IP as mine.  The reverse lookup/inverse mapping must match his domain, so it cannot be a virtual domain.

Now, the machine has only one nic, eth0, which is configured with his public IP address.  I told SME to swap the two (eth0 swapped with eth1) in order for the server to pass the internet connection test.

Now, when I try to get into the web administration panel from the local console as root, it will not allow me to if I use https://192.168.1.1/e-smith-manager.  It gives me an alert telling me "Unable to connect to remote host."

I configured the server to be "Server & Gateway mode".  I tried server only mode, but it only allows local (internal network) access.  If I set it to gateway mode it only acts as a gateway and firewall...

Is there a simple solution for this?

Tom Carroll
Dataware Computers

[John Simons]

Tom,

Network card = $10
Your Sanity = priceless


Unless your computer cannot physically take another network card, there is no reason why you can't just buy another card and install it.

Network cards are cheap, cheap, cheap.

For security reasons, you definately want to have two NICS to control traffic to and from the network.  Don't do it through one card because IP's can be spoofed very easily.

[Tom Carroll]

Roger that John!

I was just wondering if there was a need to have the internal network defined if one does not exist, and therefore if I had to have the second NIC in the machine.

And, by the way, I have access to the machine now, so it looks like it may be working now.

Anyone know of a way I can check the security of the external interface (eth0) to ensure it does not accept any connections for a 192 class address?

Oh, and I do have another NIC, but it is a D-Link 530TX.  Anyone have a driver for that card?

Thanks!

Tom Carroll
Dataware Computers

[Kurt Baetens]

Hello Tom,

For the D-Link 530TX, just use 'select driver dire­ctly' and use the  ­'via-rhine'-module.

Should work !

Kurt.

[Tom Carroll]

I discovered something last night.  I did an ifconfig and it only shows the eth0 and lo devices.  No eth1 and no local IP address defined, so I believe this makes the system secure.

However, I may still install the other nic just to give me access to it via the local network.

Thanks!

Tom Carroll
Dataware Computers

[Rob]

Kurt Baetens wrote:
>
> Hello Tom,
>
> For the D-Link 530TX, just use 'select driver dire­ctly' and
> use the  ­'via-rhine'-module.
>

Tom

if you try this cuold you please drop me a line and tell me if it works?

Ta..    Rob