fw01 (vyOS) - jude-lindale/Wiki GitHub Wiki
- First, make sure that fw01 is set to the right network adapters; in this case there should be three adapters:
- Using the default credentials to log in, the next step is to set the hostname:
configure
set system host-name fw1-jude
commit
save
exit
- Next, log out and log back in so the hostname can take effect.
- Check the interface assignment using the following command:
show interfaces
- If any of the interfaces has a DHCP assignment, delete it using the following, replacing eth# with the interface name:
configure
delete interfaces ethernet eth# address dhcp
- Next, give each interface a description using the following commands:
configure
set interfaces ethernet eth0 description SEC350-WAN
set interfaces ethernet eth1 description JUDE-DMZ
set interfaces ethernet eth2 description JUDE-LAN
commit
save
exit
- Then give each interface its assigned IP address using the following commands:
configure
set interfaces ethernet eth0 address 10.0.17.119/24
set interfaces ethernet eth1 address 172.16.50.2/29
set interfaces ethernet eth2 address 172.16.150.2/24
commit
save
exit
- Next, tell the firewall how to reach the internet through the SEC350-WAN interface using the following commands:
configure
set protocols static route 0.0.0.0/0 next-hop 10.0.17.2
set system name-server 10.0.17.2
commit
save
exit
- Lastly, make sure that fw1 can ping google.com.
Configuring fw01 for NAT and DNS Forwarding on fw01
- To configure source NAT on fw01 for traffic from the DMZ to the WAN, run the following commands:
configure
set nat source rule 10 description "NAT FROM DMZ to WAN"
set nat source rule 10 outbound-interface eth0
set nat source rule 10 source address 172.16.50.0/29
set nat source rule 10 translation address masquerade
commit
save
exit
Configuring fw01 for DNS forwarding
- To configure fw01 for DNS forwarding, run the following commands:
configure
set service dns forwarding listen-address 172.16.50.2
set service dns forwarding allow-from 172.16.50.0/29
set service dns forwarding system
commit
save
exit
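
A sanity check for the addressing, routing, NAT and DNS forwarding steps above, as an added Python example that is not part of the original wiki: it parses `set` commands and flags values that do not line up with the interface subnets. The names `check_config` and `PAGE_CONFIG` are hypothetical, and the input is a constructed copy of this page's commands.

```python
import ipaddress
import shlex

# Constructed sample input: this page's set commands, one per line.
PAGE_CONFIG = """
set interfaces ethernet eth0 description SEC350-WAN
set interfaces ethernet eth1 description JUDE-DMZ
set interfaces ethernet eth2 description JUDE-LAN
set interfaces ethernet eth0 address 10.0.17.119/24
set interfaces ethernet eth1 address 172.16.50.2/29
set interfaces ethernet eth2 address 172.16.150.2/24
set protocols static route 0.0.0.0/0 next-hop 10.0.17.2
set nat source rule 10 outbound-interface eth0
set nat source rule 10 source address 172.16.50.0/29
set service dns forwarding listen-address 172.16.50.2
set service dns forwarding allow-from 172.16.50.0/29
"""

def check_config(text):
    """Return a list of consistency problems found in VyOS set commands."""
    described, addrs, problems = set(), {}, []
    cmds = [shlex.split(l) for l in text.splitlines() if l.strip().startswith("set ")]
    for c in cmds:
        if c[1:3] == ["interfaces", "ethernet"] and len(c) >= 6:
            if c[4] == "description":
                described.add(c[3])
            elif c[4] == "address" and c[5] != "dhcp":
                addrs.setdefault(c[3], []).append(ipaddress.ip_interface(c[5]))
    nets = [i.network for v in addrs.values() for i in v]
    ips = [i.ip for v in addrs.values() for i in v]
    for name in sorted(described - set(addrs)):
        problems.append(f"{name}: described but has no static address")
    for name, v in sorted(addrs.items()):
        if len(v) > 1:
            problems.append(f"{name}: {len(v)} addresses, check for a typo")
    # Cross-check routing, NAT and DNS forwarding against the interface subnets.
    for c in cmds:
        if c[1:4] == ["protocols", "static", "route"] and len(c) == 7 and c[5] == "next-hop":
            if not any(ipaddress.ip_address(c[6]) in n for n in nets):
                problems.append(f"next-hop {c[6]} is not on a connected subnet")
        elif c[1:3] == ["nat", "source"] and len(c) == 8 and c[5:7] == ["source", "address"]:
            if ipaddress.ip_network(c[7]) not in nets:
                problems.append(f"NAT source {c[7]} matches no interface subnet")
        elif c[1:4] == ["service", "dns", "forwarding"] and len(c) == 6:
            if c[4] == "listen-address" and ipaddress.ip_address(c[5]) not in ips:
                problems.append(f"DNS listen-address {c[5]} is on no interface")
            elif c[4] == "allow-from" and ipaddress.ip_network(c[5]) not in nets:
                problems.append(f"DNS allow-from {c[5]} matches no interface subnet")
    return problems
```

Calling `check_config(PAGE_CONFIG)` returns an empty list for the commands as listed; assigning the LAN address to eth1 by mistake is reported as eth2 having no address and eth1 having two.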