Koozali.org: home of the SME Server

Obsolete Releases => SME 7.x Contribs => Topic started by: lucho115 on July 14, 2006, 07:42:06 PM

Title: i need to know howto add a 3ª interface to sme7 , todo a dmz
Post by: lucho115 on July 14, 2006, 07:42:06 PM

in the setup , or in de console, or in ther server-manager is no way to do it, so i think in adding config manually in /etc/sysconfig/network-scripts/ifcgf-eth2, but if i doit , when update the system or chande something with the server-console, i will have to make the config again or its will be permanent?

thanks

bye

Title: Re: i need to know howto add a 3ª interface to sme7 , todo a
Post by: cactus on July 14, 2006, 09:57:51 PM

Quote from: "lucho115"

in the setup , or in de console, or in ther server-manager is no way to do it, so i think in adding config manually in /etc/sysconfig/network-scripts/ifcgf-eth2, but if i doit , when update the system or chande something with the server-console, i will have to make the config again or its will be permanent?

thanks

bye

I seem to remember that I somewhere read that SME only supports two NIC's, if I remember correctly it was in a thread about seting up a Wireless Access Point using a Wireless PCI card as a third NIC next to the internal and external NIC of the SME Server.

Isn't that part of the configuration templated as well. Have a look at the /etc/e-smith/templates/ folder to see if there is an entrie for your configuration script.

BTW if I am correct you only need two NIC's for a DMZ:

Internet ----- Gateway1 ------ Gateway2 ------ LAN

Title: Re: i need to know howto add a 3ª interface to sme7 , todo a
Post by: genzil on July 16, 2006, 02:17:12 PM

Quote from: "cactus"

BTW if I am correct you only need two NIC's for a DMZ:

Depends on how you configure you network.

You can have a dmz on a different network, here you will need 3 network cards:

internet --- SME--- Internal Network
                    |---- DMZ
(or http://en.wikipedia.org/wiki/Image:Demilitarized_Zone_Diagram.png)

Or as you put it, an onion approach, where each layer of the onion gets more protection.  This needs only two cards on a machine that goes between the layers, but it does need a computer/router/firewall for each layer:

                    |-------------------------------------------------------|
                    |                           |--|                        |
Internet --- Layer1 --- Layer2 --- Layer3 --- Layer2 --- Layer1 --- Internet
    |                              |----------------------------|                           |
    |---------------------------------------------------------------------------------------|

(I hope my diagram makes sense, couldn't find an image)

Title: i need to know howto add a 3ª interface to sme7 , todo a dmz
Post by: kruhm on July 17, 2006, 01:58:32 AM

type in the search box: 3rd nic