Topic: newbie: recommendation for network setup.

[cydonia]

Hi,

I'm new to linux and thus SMEServer, but have found that SMEServer is by far the easiest server to setup.  

At the moment, i only use it as a file server.  However, i would like to set it up as a gateway... if you guys think it would make security etc. any better.

My current equipment/settings is as follows:



netcomm nb1300 Modem = Bridge mode (connected to router)
netgear mr314 Router = dhcp enabled.

At the moment my SMEServer just plugs into the router and sits alongside the clients on the network.


Is it worth it to change this setting to use the SMEServer as a gateway/firewall?  Will it be more secure?  

----------------------------------------------------
Apart from this, i just wanna do it for the learning experience... .  What parts of my setup would i change to do it?

my thoughts:

- reset router config - (after backing up:))
- disable dhcp

connect modem & router to sme server.  Enable dhcp on SMEServer.  Connect to ISP using client on SMEServer.

Right?




Thanks.

[Boris]

Is it worth it to change this setting to use the SMEServer as a gateway/firewall?  Will it be more secure?

Not really. Leave your router as a firewall for now and start playing with your SME server. If you break it, at last Internet will not be interupted, so you will be able to hop to this forum and search for solutions.

If you need simple public web server to test, forward on your router port 80 (and 443 for HTTPS if needed) to your server.

Apart from this, i just wanna do it for the learning experience... . What parts of my setup would i change to do it?

As you learn enough how to use your SME and have some public services running on it (web, e-mail etc) you may consider add second NIC to it and replace your router with SME to test firewall features, Otherwise its safely can stay inside as it is now for internal use and learning.

[cydonia]

Thanks Boris.

Thats all i needed to know:)

edit:  actually, with regards to the forwarding of ports 80/443.  I have done this.  But, when accessing my server using dyndns (myname.dyndnsdomain.com).  It goes to the router.  192.168.0.1,  not the server,  192.168.0.10.

btw. I'm not sure if i'm even on the right track here...

cheers.

[cydonia]

Ok, i set up SME Server as a gateway in an attempt to get dyndns to work...

Good news is, that i successfully changed SME to be a gateway and its now taken the place of the router (router now just acts as switch).

mydomain.homelinux.com now sends me to http://myservername/.  Which is good.  But this only works from inside the network.

So, how can i forward a port to the gatewate itself, to allow outside webaccess?

Since, the gateway is also the webserver, is it possible to open port 80?

Thanks

[Boris]

So, how can i forward a port to the gatewate itself, to allow outside webaccess?

You don't need to do it anymore. Create an ibay with your site context or put your page in the primary ibay. In the ibay property choose access from Internet. This will be publicly visible via mydomain.homelinux.com or whatever your dyndns domain is.
In your other tread you've asked how-to deal with your registered domain and dynamic IP. Here is what you could do:
Create an account with zoneedit.com (free up to 5 domains).
Create zone for your mydomain.com and put fake IP for it temporary.
With your registrar change DNS servers for your domain to zoneedit DNS servers per instructions from zoneedit.com.
Zoneedit has web redirector that you can use to point http://www.mydomain.com to http://mydomain.homelinux.com
Create MX record for mydomain.com and put mydomain.homelinux.com as a mail server for domain mydomain.com.
This should keep you occupied for a while.
Good luck.

[cydonia]

\/

[cydonia]

Ok, forget all that bs i wrote... basically.

As far as i can see, zoneedit is setup properly through the web.

And i have assignmed zonedit nameservers to my domain dns records.

So, how does zoneedit know to look for my personal computer IP address?

at the moment, the chain looks like:
Ie.  DNS records ---> zoneedit --->  where?


Since, if zoneedit is not pointing to my personal computer (where my webserver is located, and thus the files), then it will never work.


Thanks and sorry that this is so elementary.  I just cant get it to work...

[Boris]

Zoneedit has web redirector that you can use to point http://www.mydomain.com to http://mydomain.homelinux.com
Create MX record for mydomain.com and put mydomain.homelinux.com as a mail server for domain mydomain.com.

[cydonia]

Thanks Boris.

I cant test this externally till tomorrow.  But i'm confident it will work.

Once i have it working.  I'm gonna write a step by step howto for this.

thanks again.

Cya.