Thursday, September 25, 2008
IPCop Clean Install
OK, so I screwed up. After some comments left on this blog by "Anonymous" discouraged me from running IPCop over VMWare on a Win2003 Server for a "live" environment, I decided to do a clean install of IPCop running native. So far, everything is going fine. I installed the URLFilter addon and setup Snort (intrusion detection) and have begun testing the new box in preperation for going "live". All went smoothly once I decided to switch 320 GB HD out for a 80GB to avoid any 48-bit issues with drives over 136GB. Besides, I don't need THAT much space. The only glitch is that I accidently ran the install using IPCop 1.4.2 instead of 1.4.20, which are different animals. I suppose I could have downloaded the 1.4.20 ISO and do another install but, since I am a newbie with IPCop, I decided to run the approximately 18 patches in succession to get it up to 1.4.21. Once I figured out the system (and that I didn't have to expand the .tar files before uploading), everything went fine and I was able to see the changes as IPCop had grown since 2005. It was a bit tedious but a good learning experience. Thanks again, Anonymous!
Wednesday, September 17, 2008
IPCop Deputized
After much research and time, we have decided to try out the IPCop firewall with URL Filter for the school's needs. Our VERY limited budget made the decision even more difficult. So, we are currently testing it as a VMWare appliance on a Windows 2003 box. For the time being, we are directing 2 computer's traffic through it to test the waters. While IPCop is running in transparent mode, our LAN currently uses a Surfcontrol plugin on an ISA server and forcing the transparency to happen would require removing the MS Firewall client for all machines. A friend of mine will be scripting this so that the all workstations we be automatically run the uninstall.
One issue I am having is that I sometimes have to ping the IPCop box from the workstation in order to get internet access. For the testing phase, I am simply using IPCop as the gateway, but Linux seems to have an issue recognized other nodes on the network unless they are pinged. I haven't been able to find out much about this by Googling it. I guess I'm not using the correct keywords. If has any information on this, I would very much appreciate hearing about it. I suppose I could write a boot script but my guess is that there is an easier way. Anyone?? Does the fact that it is a VMWare appliance affect things? Thanks!!
Add your comments below.
One issue I am having is that I sometimes have to ping the IPCop box from the workstation in order to get internet access. For the testing phase, I am simply using IPCop as the gateway, but Linux seems to have an issue recognized other nodes on the network unless they are pinged. I haven't been able to find out much about this by Googling it. I guess I'm not using the correct keywords. If has any information on this, I would very much appreciate hearing about it. I suppose I could write a boot script but my guess is that there is an easier way. Anyone?? Does the fact that it is a VMWare appliance affect things? Thanks!!
Add your comments below.
Subscribe to:
Posts (Atom)
