kenneth2k1
09-20-2007, 04:26 PM
Hello all:
The guy that was the admin before me purchased this Twinguard firewall from eracks. It is a rack unit with two systems that they pre configured with OpenBSD and PFW. They configured two carp groups: carp0 and carp1. It appears it has been configured to fail over from one system to the next. I am new to carp and openbsd and hardware firewalls in general.
Here's how it's been pre-configured from the message I was given:
# On TWIN1:
/etc/hostname.vr0: inet 10.1.2.134 255.255.255.0 NONE
/etc/hostname.vr1: inet 192.168.1.134 255.255.255.0 NONE
# On TWIN2:
/etc/hostname.vr0: inet 10.1.2.135 255.255.255.0 NONE
/etc/hostname.vr1: inet 192.168.1.135 255.255.255.0 NONE
# On Both systems:
/etc/hostname.carp0:
inet 10.1.2.2 255.255.255.0 10.0.0.255 vhid 1 pass foo
/etc/hostname.carp1:
inet 192.168.1.2 255.255.255.0 192.168.0.255 vhid 2 pass bar
From what I understand, TWIN1 is one system and TWIN2 is the other. Here's what I need to know:
1. How do I change the IP numbers to suit my network?
2. Right now it appears that I can only firewall one network, since each system in the rack unit only has two NICs. I guess I would need to input one cable into the one system, use a crossover to connect to the other system and then cable out to my network. However I have two networks so I don't think there are enough NICs.
3. So I was thinking that I would just have one system handle one network and one system handle the other. Either way, I need to reconfigure the ip addresses. If I do this, do I assign a different IP to each network card?
Thanks in advance for any advise you guys can give. I need help.
The guy that was the admin before me purchased this Twinguard firewall from eracks. It is a rack unit with two systems that they pre configured with OpenBSD and PFW. They configured two carp groups: carp0 and carp1. It appears it has been configured to fail over from one system to the next. I am new to carp and openbsd and hardware firewalls in general.
Here's how it's been pre-configured from the message I was given:
# On TWIN1:
/etc/hostname.vr0: inet 10.1.2.134 255.255.255.0 NONE
/etc/hostname.vr1: inet 192.168.1.134 255.255.255.0 NONE
# On TWIN2:
/etc/hostname.vr0: inet 10.1.2.135 255.255.255.0 NONE
/etc/hostname.vr1: inet 192.168.1.135 255.255.255.0 NONE
# On Both systems:
/etc/hostname.carp0:
inet 10.1.2.2 255.255.255.0 10.0.0.255 vhid 1 pass foo
/etc/hostname.carp1:
inet 192.168.1.2 255.255.255.0 192.168.0.255 vhid 2 pass bar
From what I understand, TWIN1 is one system and TWIN2 is the other. Here's what I need to know:
1. How do I change the IP numbers to suit my network?
2. Right now it appears that I can only firewall one network, since each system in the rack unit only has two NICs. I guess I would need to input one cable into the one system, use a crossover to connect to the other system and then cable out to my network. However I have two networks so I don't think there are enough NICs.
3. So I was thinking that I would just have one system handle one network and one system handle the other. Either way, I need to reconfigure the ip addresses. If I do this, do I assign a different IP to each network card?
Thanks in advance for any advise you guys can give. I need help.