Endian Firewall 2.3 Rc1

Endian Firewall 2.
3 rc1 - Manual Book
Endian Firewall 2.3 rc1

~ Manual Book ~
Endian Firewall
Endian Firewall 2.3 rc1 - Manual Book
E-book Firewall
Green, Red, Blue, Orange ?

Lan set IP Address

Firewall, Proxy, Load Balance
... ????
ThaiAdmin

ThaiAdmin
...

topic Endian Firewall

Topic
Endian Firewall

Firewall
...
E-Book

Thaiadmin
PM DM
Link
(
.. ^o^ )
... E-book

!! E-book
...
Somhpong Ph.
Soi62@ThaiAdmin
13 Oct 2009
.
....
ref : http :// www . thaiadmin . org / board / index . php ? topic =112996.0
Quality of Service Devices

Part 1 :
Endian Firewall (EFW) Overview
Endian Firewall Community ? (Neoboyd@Thaiadmin)
EFW? ?
EFW(Neoboyd@Thaiadmin)
Hardware (Neoboyd@Thaiadmin)
(Soi62@Thaiadmin)
Part 2 :
Network (Neoboyd@Thaiadmin)
(Green & Red)
(Neoboyd@Thaiadmin)
Network EFW
Green, Red, Blue Orange(DMZ) (Neoboyd@Thaiadmin
Red ThaiAdmin ?
Part 3 :
config Firewall
config system access
config outgoing
Part 4 :
4.1 Proxy (Neoboyd@Thaiadmin)
4.2 Contentfilter block
, (tototyt)
Part 5 :
config Logging Log
Log
Part 6 :
Config VPN server
Open VPN Client to Site (tototyt@thaiadmin)
Open Vpn Site to Site (tototyt@thaiadmin)
IPSEC
Part 7 : Network
7.1 Interfaces : ( Link )

7.2 Routing
:
7.3 Edit Hosts : Hosts
Part 8 : Service
8.1 DHCP : IP Address
8.2 Traffic Monitoring :

Ntop
8.3 Quality of Service Devices (QOS) :
Part 9 :
FAQ
Part 10 :
Appendix ()
Credits ()
Part 1 :
Endian Firewall (EFW) Overview
First Sceen (Dashboard)
Dashboard
Quality of Service and Bandwidth Management
Intrusion Prevention System

Group-based content filtering & enhanced Web Security
Enhanced Network Address Translation (NAT)
Other....
- Traffic-based Hotspot tickets and automatic user generation
- Event handling and notification
- SNMP support
- Revamped Mail Security

- Sophos Anti-Virus (optional)
- Commtouch RPD (optional)
Endian Firewall Community ?

Endian Firewall Community

Unified Threat Management (UTM)*

...
1.
2.
3.
4.
5.
Stateful packet inspection firewall**

Application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with Antivirus support
Virus and spamfiltering for email traffic (POP and SMTP)
Content filtering of Web traffic
VPN solution (based on OpenVPN)
Endian Firewall software Open

source Endian S.r.l.
* Network firewall + E-mail spam filtering + Anti-virus capability + IDS or IPS = UTM
** Stateful packet inspection firewall
EFW? ?
1. Firewall
EFW OpenSource
2. Linux
config Web Browser***
3.
3D
4. consult,
config

5. community ThaiAdmin

" 5
^o^ "
Web Browser : Internet
Explorer, FireFox, Safari, Chrome, etc...
***
Download EFW

Endian Firewall version 2.3 rc1
...
Endian Firewall Community 2.3 Release Candidate
123 MB. download
ISO ISO
CD CD
speed
4x ~ 12X
Hardware
Endian Firewall Community Edition
1. Zone
network
2.
Linux operating system Linux.com article for
more details.
CentOS 4.6 operating system.
CentOS

driver version linux
chipset Realtek Intel

intel Nvidia
Raid
hardware

Computer
Endian Firewall

Network
25 Vpn 5 connection
...
Recommend Spec :
Pentium 3.1 GHz.

512 MB. RAM
8 GB. Hard Disk Drive
1 x 100 Mb. Network Cards (Green & Red )
24 hrs. x 365 days
50
vpn 10 connections :
Performance Spec :
Pentium4 2.8 GHz. up
1~4 GB. RAM up
20~80 GB. Hard Disk Drive (Caching, Logging)*
4 x 100 Mb. Network Cards (Green, Red, Blue, Orange
)
24 hrs. x 365 days
*Caching :
ISP Client EFW
ISP
*Logging : Log EFW .
90 ...
1. CD
CD-Rom Drive
Boot
CD-Rom Drive ....
2. Enter
Enter
..
3.
Enter
4. EFW
HDD Endian
Yes Enter
5. console
Serial Yes
Green ....
No Enter .....
6. 5-10

7. IP Address
Green
().... Enter
...
8. IP Address Eject CD
...
EFW
9. EFW Enter Reboot

...
10. Shutdown 10
11.
CD .... ?

12. config
13.
Green IP ....
0-Shell : linux

1-Restore Factory : config

EFW
Clear
2-Reboot : EFW

14. EFW Shell username=root ;

password=endian ...
exit Enter ...
....
Endian Firewall
Config http://
ip 7
IP Green
1. >>> config
2. English(English)
Asia/Bangkok
3. Accept License
4. Restore Backup
Endian Firewall Restore

NO >>>
Restore Yes
>>> Browse Config
Backup
5.
Remote SSH
6

>>>
6. Red Interface
Internet
1. Ethernet Static IP
IP
2. Ethernet Dhcp IP
IP DHCP Server
IP
3. PPPOE internet Adsl
4.
5.
6.
7.
username password IP ISP IP
Fix Dynamic
Adsl USB PCI adsl interface usb pci
3
driver
ISDN
digital

Analog/UMTS Modem
UMTS*
Gateway Endian
Internet Nat
router

*UMTS "Universal Mobile Telecommunication System"
3G GSM, GPRS EDGE
W-CDMA
-
UMTS
2 Mbit/sec -
EDGE 4
7. Network Zone
Zone
Blue Orange ...
1. Orange Zone DMZ
Server Map Public IP
ISP
2. Blue Zone Wifi Zone
* Blue & Orange

None >>>
8. Internet
8.1 Red interface Ethernet Static
1. IP address ip
Internet Leased Line Adsl
Fixed IP Ip 1 IP
address Subnet Mask
2. Add additional Addresses(One IP/Netmask or IP/CIDR perline): IP

Leased Line IP 8
1 Network Class, 1
Router, 1
Broadcasting 1
Endian Firewall IP 4

Map Orange Zone Server

172.16.1.10/255.255.255.0 172.16.1.10/24
3. Interface
4. Default Gateway Internet
8.2 Red interface Ethernet DHCP
1. Interface Internet DHCP

2. MTU packet

3. Spoof Mac address with Mac address
4. Dns 2 Dns server

ISP Manul Dns server
5. >>>
8.3 Red interface PPPOE
1. Interface Internet
2. Add additional Addresses(One IP/Netmask or IP/CIDR perline):
Adsl Corporate Premium IP
1 ip
Concept username password
authen IP
Add additional Addresses(One IP/Netmask or IP/CIDR perline):
Online Adsl IP
Dynamic
3. Username
4. Password
5. Authentication PAP or Chap
6. MTU packet

7. Dns 2 Dns server

8. Service ISP
9. Concentractor Name
10. >>>
8.4 Adsl (USB,PCI) Adsl Modem

USB PCI
1. Modem
>>>
2. ISP
PPPOE
>>>
3. VPI / VCI
3.1 VPI (
ISP )
3.2 VCI (
ISP )
3.3 Encapsulation LLC
3.4 MTU packet

3.5 Add additional Addresses(One IP/Netmask or IP/CIDR perline):

Adsl Corporate Premium IP
1 ip Concept
username password authen
IP Add additional
Addresses(One IP/Netmask or IP/CIDR perline): Online
Adsl IP Dynamic
3.6 Username
3.7 Password
3.8 Authentication PAP or Chap

3.9 Dns 2 Dns server
>>>
VPI / VCI ISP
ISP
VPI
VCI
Cslox
35
Samart
35
TOT
32
True
100
TT&T
33
CATTELECOM
33
Buddy BB
35
8.5 ISDN
1. Modem ISDN
2.
Internet
Usename
Password
Authen PAP or CHAP

ISDN Corporate Premium IP
1 ip
Concept username password
authen IP
Add additional Addresses(One IP/Netmask or IP/CIDR perline):
Online ISDN IP
Dynamic
8. MTU packet

9. Dns 2 Dns server ISP

Manul Dns server
>>>
3.
4.
5.
6.
8.6 Analog /UMTS Modem

1. Port
/dev/ttyS0/
2. Modem
>>>
3.
4. Access Point
5. Username
6. Password
7. Authen PAP or CHAP

Personal Use
IP
ISP Dynamic
9. MTU packet

10. Dns 2 Dns server ISP
Manul Dns server
>>>
8.7 Gateway
IP Internet
>>>
9. DNS Server 2 (
DNS
) >>>
DNS Server
HiNet by CAT :
DNS : 202.129.27.135 / 61.19.245.246 / 61.19.254.134
HiNet by TTT
DNS : 202.129.27.135 / 61.19.245.246 / 61.19.254.134
TTT ( 3BB )
DNS : 202.69.137.137 / 202.69.137.138
TOT
DNS : 203.113.127.199 / 203.113.24.199
True
DNS: 203.144.207.29 / 203.144.207.49
10.
...
1. Email
2. Email Endian
3. smtp server
>>>
11. OK, Apply Configuration
12.
13. Browser
http:// IP Green Zone
14. login default Webconfig User Admin

password 5
15. Dash Board

~ ~
Part 2 : Network
Network EFW
Zone Linux Firewall

Zone 4 Zone
1. RED :
(untrusted network Internet)
2. GREEN : (trusted
network Intranet(Lan))
3. ORANGE :
Server (DMZ Server Zone)
4. BLUE :
( Wireless )

Zone

1 : Endian Server Firewall

Nat Proxy Management log
2 : Endian Server
Zone DMZ 2
3 : Endian
Zone 4 Zone Endian Firewall
4 : Endian Firewall
Gateway
log internet
Traffic Mornitor
internet
Manual
1Wan(RED) + 1 Lan(Green) Leased Line Adsl
Config
Requirement Adsl
2 Config Adsl

Endian Config Red
Main Uplink Internet
Internet

1. Login Dashboard
Interface
UP
Online Config

CPU MEMORY HDD version
log build
Uplinks
Connect
2.
internet

log Authentication

IP 2 Fix
Dynamic IP Set Fix
DHCP
IP
Endian DHCP
Service -> DHCP-SERVER DHCP

Client IP
Endian Firewall Start Address IP
DHCP End address IP IP
Primary Dns Secondary Dns
NTP IP Time-server

Enable Click Save
IP
policy
Version IP
Dhcp server IP Network
Version
IP Fixed
Lease
Ex.: Notebook
set tcp/ip Optain auto IP
Dhcp Endian Function
Allow only fixed lease IP
Current Fixed lease Notebook
IP Endian
manual tcp/ip properties windows
Add fixed lease notebook
Mac address
ipconfig /all
Add a Fixed Lease IP
save
IP
Add a Fixed Lease
Dynamic IP DHCPserver Endian IP
user
IP Config Dhcp
IP
set
Static DHCP
Add a fied lease
Fixed lease 3
1. Computer Name
2. Mac Address

3. IP Mac address
IP
IP
1. Setup Tcp/Ip
2. Mac address 1 IP 1
3. IP Set manual
Dhcp Fix Lease
4. Version Function Allow only Fixed lease

Current fixed lease
*** Cap ***
*** update DNS
Windows Server Client Dynamic
Dhcp Window server Dns server
Window ip client
ip Faq 2***
3. Default Internet
Client IP Gateway Internet

internet Proxy
Client
internet Firewall
Firewall Firewall

internet
Endian Firewall

Iptable routing port firewall
Port Forwarding/Nat Outgoing
Firewall
Source? --> Destination? Service? Policy? Actions

*** update concpet forward server client
***
Firewall -> Port Forwarding/Nat
Internet Port Forwarding/Nat

Server
online Endian Firewall
*** update concpet internet ***
Part 3 : Config Endian Firewall
Firewall -> Outgoing Traffic

Internet
Config Disable
port 80 443 user

user proxy
Config Endian Firewall

***
***
Part 4 : Proxy
4.1 Proxy
(Neoboyd@Thaiadmin)
Proxy download
internet Proxy server
1 Endian
Proxy
1. Client
Endian
2. Proxy Client
Browser Concept Browser
IP Port Proxy-Server
3. Endian Firewall version 2.3 rc1
Automatic Configuration Script
proxy.pac Script
proxy
address proxy.pac
http://Ip endain/proxy.pac
Domain Group Policy

set proxy client
Admin support
1.
2.
3.
4.
5.
6.
7.
*** Set Proxy Group Policy Domain Windows Server ****

User Configuration
Windows Settings
Internet Explorer Maintenance
Connection
Proxy Setting double click
Enable proxy settings ip endian http port
Use the same proxy server for all addresse
*** Set Proxy Group Policy Windows server Disable

Proxy IE ***
1. Start Run gpedit.msc
2. User Configuration > Administrative Templets > Windows components > Internet
Explorer
3. Disable Changinging proxy settings
4. Enabled
*** Msn proxy ***
1. proxy msn
2. username password user
3.
Proxy Enable proxy
5. Proxy
Green Orange Blue
1. Not Transparent Zone

Authentication
2. Transparent internet
Authentication
Proxy Setting
1. Port Used by Proxy Port Proxy

server
2. Error Langauge Error
3. Visible Hostname Proxy-server
4. Email Used For notification

5. minimum download size
download
6. Maximum upload Size
upload
7. Allowed port port proxy
SSL
8. Log Settings log

log user agent

9. By pass tranparent proxy config
Authentication
10. Cache Size on harddisk proxy

harddisk
cache

Harddisk user cache
11. Cache Size within Memory Cache

Ram
12. Maximum Object Size

proxy

cache
cache

version
KB
13. Minimum Object size
proxy
internet
jpg swf html
1024Kb. 1 Mb.
version
KB
14. Clear Cache
Clear cache
index squid
15. Enable Offline mode offline

cache
internet
16. Do not cache this destinations url

cache
17. Upstream Proxy Proxy proxy

speed cache

ip:port username password Click
Save

6. Antivirus

7. Authentication

Local username password
Endian Windows Authentication Ldap
Window Domain Radius
Server Endian Username
Password Radius Server
Authentication Local

1. Authentication Realm
2.
3.
4.
5.
6.
7.
8.
login
proxy
Number of Child Authentication children login
Number of different ips per user IP

user
IP user login comupter

user login
1
Authentication cache TTL user login
User/IP Cache TTL user IP
4
Min Password Lenght

user
Manage User
user
Manage Group User
USER Click Add NCSA user
user password
create user
Create User 2 Admin User

Authentication
authentication click Manage Group
Group admin add user admin

Group Admin Create Group
add User Group
add User Group Group

Apply
User Group
Group Policy Internet

1. Proxy -> Access Policy Policy
2. Add Access Policy
3. Policy
1. Source Type Policy
Any Authentication
Internet
2. Destination Any
Authenticaiton user
internet
3. Authentication

Allowed Users
4. Time Restriction
5. Active Days 4 Active

Days policy
6. Start Hours, Start Minutes, Stop Hours Stop Minutes 4
policy
7. User Agents Browser
click Browser
8. Access Policy Allow
Authentication
9. Filter Profile Endian Filter

Virus
10. Position Policy

11. Enable Policy Rule policy
Update Policy

Apply Policy
apply
Policy
Reboot
login
user Set
internet login browser username password
4.2 Contentfilter block

, (tototyt@thaiadmin)
*
Endian Firewall Community release 2.3.0 (c) 2004-2009

(
)
1. Profile Create a Profile
Profile ( content1 )
1.1 Profile Name :


1.2 Activate antivirus scan * activate
antivirus scan
1.3 Platform for Internet Content Selection

1.4 Max. score for phrases (50-300) *
1.5 3
- Filters pages containing phrases of the following categories. (Content

Filtering)

(Content Filtering)
- Filter pages known to have content of the following categories.

( URL Blacklist )

Filter
( URL Blacklist )
- Custom black- and whitelists

Custom
1.6
Create profile Update profile

1.7 Contenfilter Profile
Prolicy Tab Access Policy

Add access policy
Filter profile
Profile
: Policy


**** Update ****
Part 5 :
config Logging
Log
Live log Proxy

log
*** update ***
*** update ***
Backup Configuration Restore Configuration

*** update ***
FAQ
Q: EFW "GRUB
Loading Stage 2 ......" EFW ?
A: EFW

console
Serial port port
...
Serial port BIOS EFW
Q: DNS server Window Server Client

Dynamic IP Endian firewall Dns server
Window ip client
A: Windows Server Dns Server
Domain Allow Dynamic update Non-secure and Secure
Dns
update Aging Scavenge
Q:
A:
Q:
A:
Q:
A:
Part 6 Config Open VPN

6.1 Open VPN Client to Site
OpenVPN Host-to-Net ( Client to Site ) Endian Firewall
Community 2.3 RC1

( : tototyt ,
:Noktualek )
2/07/2008 ( 27/10/2009)
efw 2.3 RC1
Endian Firewall Community

OpenVPN
net-to-net host-to-net
host-to-net
VPN host-to-net 1
(LAN)
Internet LAN
(Internet)
LAN

LAN
VPN
1 VPN host-to-net client to site

VPN
1. Public IP Fix IP Site A
2. Fix IP Dynamic DSN
3. IP IP
VPN Subnet

192.168.1.0/24
remote 192.168.121 .0/24

192.168.1.1/24 Endian Firewall
Remote ADSL Router 192.168.1.1/24
IP Address VPN
Server
1. Endian Firewall Community Web Browser
(https://server_ip_address:10443)

2. vpn Openvpn
Server Tab Server configuration
3. Dynamic IP pool start address Dynamic IP pool end address

IP Address (LAN)
( Roadwarrior )
checkbox OpenVPN Server enabled

IP
VPN DHCP
IP 192.168.1.151-219
4. Save and restart 2
5. Accounts
Add account
6. Username Password checkbox Direct all client

traffic through the VPN server
Save
* connect Fix IP
IP Static ip addresses
7. Restart OpenVPN server 5
8. Advanceed
6 Save and restart
6 Advanced
9. Download CA Certificate XXX.cer
Client 7 (
IE 8
xxx.cer (xxx
) Firefox Google Chrome
xxx.pem
Service VPN Server

Status Services STOPED

RUNNING

Client
1. OpenVPN GUI for Windows
http://openvpn.se/ Download
Stable Installation Package
openvpn-2.0.9-gui1.0.3-install.exe
2.
OpenVPN client
Default Options

C:\Program Files\OpenVPN
3. Icon
Taskbar
4. client.ovpn C:\Program
Files\OpenVPN\sample-config C:\Program
Files\OpenVPN\config

5. VPN Icon 9
Edit Config
C:\Program Files\OpenVPN\config\client.ovpn
6.
( config
copy config
client
dev tap
proto udp

remote site-001a.dyndns.org xxx.xxx.xxx.xxx 1194
resolv-retry infinite
nobind
persist- key
persist- tun
ca cacert.pem ( 9)
auth-user-pass
comp- lzo
remote
Domian site-001a.dyndns.org
IP Address OpenVPN Server IP
Public IP IP
port 1194
ca path (
CA )
7. disable cert client.crt key client.key client.ovpn
";" (
6
)
8. CA (xxxx.cer) OpenVPN Server
( 9 Server)
config C:\Program Files\OpenVPN\config
1. Connect Icon OpenVPN Client

user password 10
10
2. Connect OpenVPN Icon Taskbar
11
11
3. IP Address Server
IP pool 12
12
4. OpenVPN Server
user
13 kill

13
user
CA
Server
(
)
1. Server IP Client
IP

IP Dynamic IP pool start
address Restart
Connect
IP
2. Connect
Firewall VPN traffic Enable VPN
Firewall

rule
Open VPN
1. Webconfig Endian
Forward Router
2. Ping Private IP Address VPN Client IP Address
3. Remote Admin File Sharing Printer Sharing
VPN Client to Site ADSL

1.
ADSL client endian server
2. Database
Map drive Express
VPN Client
Site

Terminal Remote Desktop
3. Open VPN Client(Open VPN 2.0.9)
Windows 7
4. Internet VPN Client
gateway Endian Server

Upload Endian Server (
)
5. 4 LAN Policy Firewall
VPN Policy

6.
IP Address
7. Sharing folder
Protocal UDP TCP 6
client 6
8. IP
Class A 10.0.0.0/24 Endian 2.2 IP
Client VPN
192.168.0.0/24
Bug

* Rule

6.2 Open VPN Site to Site Net-to-Net Endian Firewall

25/11/2006 (
: )
Endian Firewall 2.3
OpenVPN Net-to-Net Endian Firewall

2.3
VPN net-to-net
Site-to-Site Intranet VPN
2 Site A Site B
Site

Site

Site
IP Private IP Site
VPN OpenVPN
Open Source
OpenVPN Endian Firewll
1 VPN host-to-hots

Site
A Site B

Server Site A
*
Host-to-Net Client To Site
1. Endian Firewall 2 Site

2. Endian
3.
4.
Firewall Community
Web Browser (https://server_ip_address:10443)
vpn
Openvpn Server
Tab Server configuration
Dynamic IP pool start address Dynamic
IP pool end address IP Address
(LAN)
( Roadwarrior )
checkbox OpenVPN Server enabled

2
2 Server configuration
5.
Save and restart
2
6.
Accounts
3 Add account
3 Accounts
7.
Username Password
checkbox Direct all client traffic through the VPN server

4 Save
4 Add new user
8.
Restart OpenVPN server
5
5
9.
Advanceed
6
Save and restart
6 Advanced
10. Download CA Certificate
XXX.cer
Server Site B
7 Download CA Certification
Status Services

STOPED
RUNNING 7.1
7.1 Open VPN Server Status
Server Site B
1.
Site B
OpenVPN client (Gw2Gw)
Add tunnel configuration
8 OpenVPN client (Gw2Gw)

2.
Add VPN tunnel 9
- Connection Name :
- Connection to : Public IP VPN Server

Site A
- Upload ca file : CA
VPN Server Site A
- Username : username VPN Server
Site A
- Password : password VPN Sever

Site A
- Remark :
9 Add VPN tunnel

3.
Advanced tunnel configuration

10
Connection configuration
Fallback VPN servers :

Prot
(1194)
Connection type: Routed
Bridge to : GREEN
Block DHCP responses coming from

tunnel:
NAT : *
Ping
Protocol: UDP
HTTP proxy configuration

*
Proxy
HTTP proxy :
Proxy username :
Proxy password :
Forge proxy user-agent :
10 Advanced tunnel configuration

4.
() CA
11
11 Advanced tunnel configuration

5.
Siate A
Connection status and
control 12
IP Address
Global
settings VPN Server Site B
Status Site B established
13

Client
VPN Server
Site A
12 Connection status and control Site A

Site B
13 Status Site B
* Site A
Site B
1. Connect ( Status established ) Ping
- Advanced tunnel configuration NAT
- Filewall / VPN firewall configuration Rule

(Disable)
- Ping Site B Site A Ping Site A Site B
established
2. Connect ( Status established ) Ping
- ......
Part 7 : Network
7.1 Interfaces : ( Link )
7.1.1 Uplinks manage
*
Intranet

Loadbalance
Lan Card Drivers Lan Card
Route Endian Firewall
1. Interfaces TAB Uplink editor

Create an uplink 7.1.1-1
7.1.1- 1
2.
3.
Create Uplink
7.1.2 VLAN manager ..
7.2 Routing

( Policy Routing )

Routing
7.2.1
1. Tab Static
7.2.1-1
Static Routing Editor )
Routing / Add a new route

7.2.1- 1
2.
3. Add
Route
7.2.2 (
Policy Routing Editor )
1. 7.2.1
()

7.2.2-1
7.2.2- 1

2.
Update Rule
*
Multi WAN , Internet Load Balance
( Route )
7.3 Edit Hosts : Hosts

Hosts
Client
Report Log
Ntop IP
Hosts
IP
Part 8 : Serveice
8.1 DHCP : IP Address ( Dynamic Host
Configuration Protocol )
DHCP
IP Address
8.2 Traffic Monitoring :

Ntop
NTOP ....
8.2.1. NTOP ( Enable Traffic Monitoring )
Service / Traffic Monitoring Enable Traffic
Monitoring NTOP

The Traffic Analyzer module is active: access to

the administration interface
8.2.2 NTOP ( Access to the NTOP By : administration interface )

administration
interface 8.2.2-1
8.2.2- 1
8.3 Quality of Service Devices (QOS) :
8.3.1 :
Devices
: Quality of Service
8.3.2 :
Classes
8.3.3 :
Rules
: Quality of Service
Quality of Service
Part 9 : QQ
Tip
1. Restart
- password password
"endain" ( " ")
- password root
# passwd control password
- password admin config web
# htpasswd /var/efw/auth/users admin
- update
" configure
Tools -> Options -> Advance -> Encryption -> View Certificates
Servers ip address endian firewall
Servers
Authorities efw-xxxxxx
"
NinNin
http://www.thaiadmin.org/board/index.php?topic=121955.0
Noktualek
Part : 10
Referrence
http://www.easyzonecorp.net/network/view.php?ID=241
http://www.itwizard.info/technology/linux/efw/ovpn_host_to_net/efw_ovpn
_host_to_net.html
http://samba-beginner.blogspot.com/2009/01/setup-openvpn-endianfirewall.html
http://samba-beginner.blogspot.com/2009/02/openvpn-endianfirewall.html

Endian Firewall 2.3 Rc1 - Manual Book

Uploaded by

Endian Firewall 2.3 Rc1 - Manual Book

Uploaded by

Endian Firewall 2.

3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Green, Red, Blue, Orange ?

topic Endian Firewall

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Quality of Service Devices

Endian Firewall 2.3 rc1 - Manual Book

7.3 Edit Hosts : Hosts

Endian Firewall 2.3 rc1 - Manual Book

First Sceen (Dashboard)

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Intrusion Prevention System

Enhanced Network Address Translation (NAT)

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall Community ?

Stateful packet inspection firewall**

Endian Firewall software Open

Endian Firewall 2.3 rc1 - Manual Book

chipset Realtek Intel

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

9. EFW Enter Reboot

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

1-Restore Factory : config

Endian Firewall 2.3 rc1 - Manual Book

14. EFW Shell username=root ;

exit Enter ...

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

3. PPPOE internet Adsl

username password IP ISP IP

Endian Firewall 2.3 rc1 - Manual Book

* Blue & Orange

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

8.2 Red interface Ethernet DHCP

1. Interface Internet DHCP

Endian Firewall 2.3 rc1 - Manual Book

3. Spoof Mac address with Mac address

4. Dns 2 Dns server

8.3 Red interface PPPOE

Endian Firewall 2.3 rc1 - Manual Book

7. Dns 2 Dns server

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

8.4 Adsl (USB,PCI) Adsl Modem

Endian Firewall 2.3 rc1 - Manual Book

3.4 MTU packet

3.5 Add additional Addresses(One IP/Netmask or IP/CIDR perline):

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

7. Add additional Addresses(One IP/Netmask or IP/CIDR perline):

9. Dns 2 Dns server ISP

Endian Firewall 2.3 rc1 - Manual Book

8.6 Analog /UMTS Modem

Endian Firewall 2.3 rc1 - Manual Book

8. Add additional Addresses(One IP/Netmask or IP/CIDR perline):

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

Endian Firewall 2.3 rc1 - Manual Book

* Set Proxy Group Policy Domain Windows Server **