Topic: third nic internet only access

[g7pkf]

Now i may be a bit of a wally but i run sme 5.5 (not a wally for that)

Is it possible to add a third network card to allow internet only access.

netcard 1=lan connection to internet (dhcp so only 1 ip address avalible)
netcard 2=lan connection to internal network

What i am trying to do is set up a community wireless access point and don't want users to be able to access my sme box or any of the services etc avalible on the private side.

anyone done this?
can anyone think of a better way of doing this, perhaps by setting up a restrictions to a group of ip addresses on the private lan, using another box as a sort of router/firewall and passing all traffic that should go to the sme to the sme transparently (web email etc)?

if someone has done this in any way how?

cheers Dean

[Paul F]

I created another IBAY. This one works as I thought it should. I create directories/files inside and permissions are given to the STAFF group for all items.

My original IBAY as mentioned is not giving permissions to STAFF except outside the directory that was originally created

Thanks for any help!

[g7pkf]

I think you meant to post a sperate topic yes?

[andrej]

Add third NIC and DO NOT enable SAMBA service on it. This works - tested !!!

andrej

[g7pkf]

Any one know of a how to on adding a third nic card, i did read one regarding high avalibility servers but couldnt make sense of it.

Yes i have searched the forums but can find nothing relevant

cheers Dean

[dave]

Hi Dean,

From what I can see, setting SME up with a 3rd NIC is a fully manual procedure.  SME is made to be a very simple to administer gateway/firewall system.  Adding a 3rd NIC kind of goes against that design - if anyone else knows different, please correct me.

One thing I've found, by way of another post here some time back, is a software router product called MikroTik.  This router software has the ability to support multiple interfaces and has add on modules to support wireless access.  They have a 4 user free download available, if you need more users, the registration price is very resonable.  I've used the router OS in conjunciton with SME where SME is the actual gateway and the router isolates a portion of my network.  I did it more to learn about routing than anything else but it may provide what you're looking for.

Website is www.mikrotik.com.

Dave

[guestHH]

If the 'high availability' how-to did not make sense, it doesn't mean it doesn't work...

It has several 'requirements' like being able to understand and create curom templates...

Are you?

[g7pkf]

Thanks guy's I have now re-read the "high avalibility server" stuff again and can half make sense of it (i am in no doubt it works)

I think its a case of try it and see, so i have built a test server to have a "play" with...

just one probarly stupid question from what i can gather you have to switch on samba to a net card and by default it is not enabled, am i correct?

now another thought has occurred to me after reading the how to i need dhcp on this netcard as well as for the existing card but preferably with a different ip range,,,, time to read dhcpd man pages or can someone offer some help?

just think a month ago i wouldnt have dreamed of configuring up a linux system like this... the problem is compared to nt it all seems too easy, when i got my sme box up, going on the internet and secure in under 30minutes i was too put it mildly "surprised"....cheers for all the help guys---keep it coming

[guestHH]

Only 1 samba service is active in the setup. Switching servers and enabling/disabling samba is done automatically.

Samba is an example in the how-to. To use DHCP set up DHCP ranges on both boxes the same. Ad DHCP to the resource file (like samba) and let the client point to the virtual address of the cluster.