Firewall Switch: Difference between revisions
imported>Jacob No edit summary |
imported>Jacob No edit summary |
||
| Line 16: | Line 16: | ||
>$ cd ~/conf/etc | >$ cd ~/conf/etc | ||
>$ vim rc.conf_v013 | >$ vim rc.conf_v013 | ||
hostname="fire.sjakio.com" | |||
ifconfig_em1="inet 192.168.9.10 netmask 255.255.255.0" | |||
ifconfig_em0="inet 10.0.0.1 netmask 255.255.255.0" | |||
>$ sudo cp rc.conf_v013 /etc/rc.conf | >$ sudo cp rc.conf_v013 /etc/rc.conf | ||
Revision as of 15:24, 1 February 2020
Previous ZFS Backup Return Freebsd Knowledge Base
The 2 firewalls have a file in their root directory called either firewall1 or firewall2. The active firewall has always dns name fire and the inactive firewall has dns name firebox.
Active firewall start point is:
Green em0 10.0.0.1 Red em1 192.168.9.10
To switch firewall use this sequence.
Connect to firebox Chance the rc.conf file to make this the active firewall
>$ cd ~/conf/etc >$ vim rc.conf_v013 hostname="fire.sjakio.com" ifconfig_em1="inet 192.168.9.10 netmask 255.255.255.0" ifconfig_em0="inet 10.0.0.1 netmask 255.255.255.0"
>$ sudo cp rc.conf_v013 /etc/rc.conf
>$ cd ../isc-dhcpd/ >$ sudo cp dhcpd-firewall1.conf_v001 /usr/local/etc/dhcpd-firewall.conf
Connect to fire
>$ cd ~/conf/etc >$ vim rc.conf_v013 Make active hostname="firebox.sjakio.com" ifconfig_em1="inet 192.168.9.20 netmask 255.255.255.0" ifconfig_em0="inet 10.0.0.20 netmask 255.255.255.0" >$ sudo cp rc.conf_v013 /etc/rc.conf
>$ cd ../isc-dhcpd/ >$ sudo cp dhcpd-firewall1.conf_v001 /usr/local/etc/dhcpd-firewall.conf
In both execute.
>$ sudo shutdown -r now && exit
On the workstation edit ~/.ssh/known_hosts and remiove entries for fire, firebox, 10.0.0.1 and 10.0.0.20
>$ vim ~/.ssh/known_hosts
Note:
Important the only 2 ip addresses open for ssh are 10.0.0.1 and 10.0.0.20. So each of the 2 fire walls need to have one of these ip addresses, otherwise no ssh connection can be made.
Previous ZFS Backup Return Freebsd Knowledge Base