Find the answer to your Linux question:
Results 1 to 2 of 2
I need some help. I am planning on seting up K12LTSP at the hospital I work at in order to have it as an educational room for the school here ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2005
    Posts
    5

    Firewall/segregation


    I need some help. I am planning on seting up K12LTSP at the hospital I work at in order to have it as an educational room for the school here on campus. For those unfamiliar with it, K12LTSP is based on Fedora Core 4, and the clients are all thin.

    Here's what I am confused at:
    The LTSP server will have 2 NIC's. eth0 for the "education" network, and eth1 which will connect to the hospital's LAN in order to provide Internet access.

    How can I lock it down to where none of the clients will be able to touch the network at the hospital, and that the only thing they will be able to get outside of the "education" network is Internet access through eth1? The IP schemes for the education network and the hospital LAN will both be different.

    I hope I explained it clearly. Thanks everyone!

  2. #2
    Linux User Stefann's Avatar
    Join Date
    Nov 2004
    Location
    Boise, ID
    Posts
    340

    Re: Firewall/segregation

    Quote Originally Posted by MeridianRebel
    I need some help. I am planning on seting up K12LTSP at the hospital I work at in order to have it as an educational room for the school here on campus. For those unfamiliar with it, K12LTSP is based on Fedora Core 4, and the clients are all thin.

    Here's what I am confused at:
    The LTSP server will have 2 NIC's. eth0 for the "education" network, and eth1 which will connect to the hospital's LAN in order to provide Internet access.

    How can I lock it down to where none of the clients will be able to touch the network at the hospital, and that the only thing they will be able to get outside of the "education" network is Internet access through eth1? The IP schemes for the education network and the hospital LAN will both be different.

    I hope I explained it clearly. Thanks everyone!
    Set up a (squid) proxy server on the box to direct web traffic, than block all outgoing traffic on the box towards eth1 from everything except the box itself, I don't know how to do this, I just know that's what you need to do.
    Nothing is worse than ten penguins fighting over which is better, vi or emacs.
    Registered Linux User #404402
    Finally I'm back on LF after a long while.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •