  1. #1
    Just Joined!
    Join Date
    Sep 2004
    Posts
    2

    Need Help for Linux Firewall


    Hi Everyone

    I have an existing Sonicwall router (firewall) in my network which is already connected to my ISP connection. We are using the Sonicwall as a router+firewall+VPN connections. (The Sonicwall already has existing firewall rules configured, like VPN Tunnel, SSH Connection with Client, Redirecting Port, POP3 and SMTP, IKE and IPSec.)

    Now we want to add another Linux firewall for security reasons (such as blocking chat rooms, briefcases, chat file transferring, email attachments and other security reasons). We need to do this selectively for any IP in my LAN pool. We have signed very strict terms for IP protection for our new project.

    As the Sonicwall does not have many security features for blocking such kinds of tools, we are planning to set up another Linux-based firewall, but we still want to use the Sonicwall for VPN access.

    The Sonicwall VPN tunnel is already configured and we connect to our VPN client on a regular basis.
    (IP protection

    My Brief Diagram is :-

    ISP Connection ----SONICWALL----LINUX FIREWALL-----INTERNAL LAN

    Questions :-
    1) How do I accomplish this setup?
    2) How will the Sonicwall's existing VPN and other rules function if Linux sits in between?
    3) What about VPN traffic if the Linux server stands between the Sonicwall and the LAN?
    4) If I use Squid Proxy to block the above tools, how will VPN traffic move between the Sonicwall and my LAN: over the proxy or using the Linux gateway?
    5) I have 90 users in my LAN and only 4 of them have rights to access the VPN. Could I allow these 4 users to access the internet directly using the Linux gateway? (I'm not planning to block the above tools for these 4 users because they need a direct connection.)
    6) If I go for Squid Proxy, what configuration is required for Outlook to download mail through the Squid proxy? (Because in my experience, downloading and sending mail using Outlook needs a direct gateway connection; it will not run over a Squid proxy.)

    7) Which Linux firewall is suitable for blocking the above tools? (Iptables, IPCop, Shorewall etc.)

    Note :-
    We are not planning to get a new ISP connection. (We have only a single ISP connection, which is already connected to the Sonicwall.)

    The Sonicwall has two IPs: one is a public static IP and one is our private LAN IP. The private LAN IP is used as a gateway for our users for browsing and VPN connections.

    I would like to thoroughly our relationship with you. This group has been extremely helpful to me.

    Thanking you in advance.

    Mike

  2. #2
    Just Joined!
    Join Date
    Nov 2004
    Posts
    5
    Hi Mike

    Iptables should work fine for this setup. Basically you want to set up a router only allowing the 4 administrative clients access to VPN through the sonic firewall (enable port 1723 for their IP addresses on Linux). Furthermore, install Squid on this machine and configure the remaining clients to access the internet via the proxy server.
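
The layout described in reply #2, as an added example that is not part of the original thread: a script that emits an `iptables-restore` ruleset for the Linux box between the SonicWALL and the LAN, with forwarding dropped by default, port 1723 forwarded only for four administrative hosts, and every other client limited to the Squid port on the box itself. The interface names, LAN subnet and the four addresses are constructed assumptions; the GRE rule is added here because PPTP, which uses TCP 1723, carries its data in GRE.

```shell
#!/bin/sh
# Constructed values: interface names, LAN subnet and the four admin
# addresses are assumptions for illustration, not taken from the thread.
WAN_IF="eth0"              # side facing the SonicWALL
LAN_IF="eth1"              # side facing the internal LAN
LAN_NET="192.168.10.0/24"
SQUID_PORT="3128"          # Squid's default listening port
ADMIN_IPS="192.168.10.11 192.168.10.12 192.168.10.13 192.168.10.14"

# Accept only dotted-quad IPv4 addresses with octets 0-255.
valid_ip() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Print the ruleset; refuse to print anything if an admin IP is malformed.
gen_rules() {
    for ip in $ADMIN_IPS; do
        valid_ip "$ip" || { echo "bad admin IP: $ip" >&2; return 1; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Every LAN client may reach the proxy running on this box.
    echo "-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport $SQUID_PORT -j ACCEPT"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for ip in $ADMIN_IPS; do
        # TCP 1723 is the port named in the reply; GRE is the PPTP data channel.
        echo "-A FORWARD -i $LAN_IF -o $WAN_IF -s $ip -p tcp --dport 1723 -j ACCEPT"
        echo "-A FORWARD -i $LAN_IF -o $WAN_IF -s $ip -p gre -j ACCEPT"
    done
    echo "COMMIT"
}

gen_rules
```

Piping the output through `iptables-restore --test` checks the syntax without loading it. Because the INPUT policy is DROP, a rule for management access (for example SSH from one admin host) needs to be added before loading the ruleset on a remote machine.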

  3. #3
    Just Joined!
    Join Date
    Feb 2009
    Posts
    11

    sonicwall and squid

    Hello Mike,

    I have the same environment as yours. I have configured a Squid proxy to filter the content, with Fedora Core and iptables on it, but I don't know how to implement it on the network.

    ISP--> SonicWALL--> Proxy--> LAN


    Did you solve the issue? Then how?
    Could you please elaborate?

    Thanks!

  4. #4
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,864
    This thread is 7 years old, please start a new thread if you still need help. Thanks.
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.

    I'd rather be lost at the lake than found at home.
