
TOPIC: LAN Connections

LAN Connections 15 years 2 months ago #3637

  • Savish

We have 2 Local Lans LAN1 = LAN2 =

LAN1 machines have one network card with 2 IPs, one in network with Default Gateway and other in network , LAN1 is behind the NAT getting internet access from firewall.

LAN2 machines have 2 network cards, one with IP in and other is public IP with default Gateway pointing to the Firewall (same as the above).

LAN1 and LAN2 are connected through a managed switch, so all the LAN1 machines can access the LAN2 machines since LAN1 machines have 2 IPs.

This works fine.

Example ipconfig of one of the machines in LAN1 looks as follows:

IP Address. . . . . . . . . . . . :
Subnet Mask . . . . . . . . . . . :
IP Address. . . . . . . . . . . . :
Subnet Mask . . . . . . . . . . . :
Default Gateway . . . . . . . . . :

The question is, I want to control the traffic from LAN1 to LAN2, specifically I want to restrict some types of services to some of the machines' traffic moving from LAN1 to LAN2. Can I achieve this by a managed switch between LAN1 and LAN2, or some kind of software firewall, or router? What is the better way to achieve this?

It would be good if I can achieve the above task without adding a network card to LAN1 machines, and also not adding the LAN2 to firewall.
Bottom line is with minimum network changes I would like to get the result.

Any help is greatly appreciated.


Network Changes 15 years 2 months ago #3688

Since you say you want to restrict certain services, I presume you mean you want to block some ports but let others through. To do that you need something with packet filtering capabilities such as a firewall or a router between the two LANs. As you say, a software firewall might be a good bet. There are several Linux-based GNU licensed ones available on the web that you can install on a legacy PC. So all you'd need is an old PC, a couple of network cards and a bit of work.

Re: LAN Connections 15 years 2 months ago #3689

Yes you can use Coyote Linux.. or Smoothwall.. or just any Linux distro with iptables / netfilter support (pretty much every new one).. however if you use a non-firewall distro such as redhat etc.. make sure you select the 'router / firewall' minimum installation option in the setup, otherwise you'll have a firewall loaded with a whole lot of other stuff that you'll have to turn off.

Sahir Hidayatullah. Staff - Associate Editor & Security Advisor
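
An added example, not part of any post in this thread: a shell script that generates a default-deny FORWARD ruleset, in iptables-restore format, for a Linux iptables/netfilter box placed between the two LANs. The subnets, host addresses, interface names and allowed services are constructed placeholders (the thread does not give the real ones), and it assumes LAN1 hosts reach LAN2 only by routing through this box rather than through a second address on the shared switch.

```shell
#!/bin/sh
# Added example, not from the thread. All addresses and interface names are
# constructed placeholders; substitute the real ones for your network.
LAN1_NET="192.168.1.0/24"   # assumed LAN1 subnet
LAN2_NET="192.168.2.0/24"   # assumed LAN2 subnet
LAN1_IF="eth0"              # assumed NIC facing LAN1
LAN2_IF="eth1"              # assumed NIC facing LAN2

# Policy: one "source destination proto port" entry per line (constructed).
# Anything from LAN1 to LAN2 that is not listed here is dropped.
POLICY='
192.168.1.0/24 192.168.2.10 tcp 80
192.168.1.0/24 192.168.2.10 tcp 443
192.168.1.25   192.168.2.20 tcp 22
'

# Print an iptables-restore ruleset for the filter table's FORWARD chain.
# Rules for traffic to the firewall box itself (INPUT) are out of scope here.
gen_rules() {
    echo "*filter"
    echo ":FORWARD DROP [0:0]"   # default deny for all routed traffic
    # Let replies flow for connections that a rule below allowed.
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "$POLICY" | while read -r src dst proto port; do
        [ -n "$src" ] || continue   # skip blank lines in the policy
        echo "-A FORWARD -i $LAN1_IF -o $LAN2_IF -s $src -d $dst -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Log what is about to be dropped between the LANs, rate limited.
    echo "-A FORWARD -s $LAN1_NET -d $LAN2_NET -m limit --limit 5/min -j LOG --log-prefix \"LAN1-LAN2 drop: \""
    echo "COMMIT"
}

# Print the ruleset; check it with "iptables-restore --test" before loading.
gen_rules
```

Because the chain policy is DROP and only LAN1-to-LAN2 connections are accepted as NEW, LAN2 hosts cannot open connections into LAN1; the box also needs IP forwarding enabled (`net.ipv4.ip_forward=1`) for any of this traffic to be routed.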

Re: LAN Connections 15 years 1 month ago #3941

Well, I recommend IPCop. Put LAN 1 on Green interface, LAN2 on Orange interface, and internet connection on Red. Simple enough to forward ports etc from one to the other but green gets to access everything whereas orange is still firewalled off from green... give it a try. To give you an idea, I'm running a good few machines off a 1 meg connection through an IPCop machine with 64meg ram and a P2-266 processor. Things are actually speeded up by it and added bonuses include built in proxies and dns server etc etc.

Re: LAN Connections 15 years 1 month ago #3946

IPCop is a code-fork of Smoothwall.. so they are pretty much identical.

Sahir Hidayatullah. Staff - Associate Editor & Security Advisor