Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:firewall:fw3_configurations:fw3_ref_topo [2018/09/16 12:49] – ↷ Links adapted because of a move operation bobafetthotmail | docs:guide-user:firewall:fw3_configurations:fw3_ref_topo [2018/09/22 13:14] – dturvene | ||
|---|---|---|---|
| Line 5: | Line 5: | ||
| single public IPv4 address leased from Verizon ($5US/ | single public IPv4 address leased from Verizon ($5US/ | ||
| Verizon [[http:// | Verizon [[http:// | ||
| - | router. | + | router. |
| - | internet access (triple play). | + | internet access (triple play). |
| - | **MAIN** router | + | **MAIN** router |
| + | |||
| + | :!: Interestingly, | ||
| + | firmware, based on Linux 2.6.16. | ||
| + | many years ago; cisco is now selling | ||
| + | [[https:// | ||
| + | It looks like Verizon has been limping along without developer support since then... | ||
| + | |||
| + | Now on to more recent technology... | ||
| The router switch in | The router switch in | ||
| Line 19: | Line 27: | ||
| * **MAIN** is the OpenWrt production router, | * **MAIN** is the OpenWrt production router, | ||
| * **STA1** is a linux laptop from where most of testing is initiated, | * **STA1** is a linux laptop from where most of testing is initiated, | ||
| - | * **DUT** is the OpenWrt '' | + | * **DUT** is the OpenWrt '' |
| * **STA2** is a linux laptop, | * **STA2** is a linux laptop, | ||
| - | * **STA-printer** is an HP printer | + | |
| - | * **STA-server** is a linux desktop wired to a DUT ethenet | + | |
| + | * **STA-server2** is a linux desktop wired to a DUT 802.3 ethernet | ||
| Unless otherwise noted, an IPv4 address is assigned using DHCP. | Unless otherwise noted, an IPv4 address is assigned using DHCP. | ||
| **MAIN** is provisioned with a static lease added for **DUT** so the **DUT** | **MAIN** is provisioned with a static lease added for **DUT** so the **DUT** | ||
| - | will always gets the same IP address: '' | + | will always gets the same IP address: '' |
| - | **DUT** network must also be added to the **MAIN** routing table so **STA1** can | + | **DUT** network(s) must also be added to the **MAIN** routing table so **STA1** can |
| - | communicate with **STA2**. See [[docs: | + | communicate with devices in vlan 102 and vlan 103. |
| + | See [[docs: | ||
| for provisioning static routes. | for provisioning static routes. | ||
| Line 48: | Line 58: | ||
| REJECT, so a firewall rule must be explicitly added for each service from LAN | REJECT, so a firewall rule must be explicitly added for each service from LAN | ||
| to WAN (e.g. ICMP, SSH, HTTP). | to WAN (e.g. ICMP, SSH, HTTP). | ||
| - | when is forwarded but expect it to be rejected or dropped. | + | when a packet |
| - | {{ : | + | {{ : |