Smoothwall, Help please.

[AstroTurf]

Hi,

Busy trying to set up smoothwall and not having any luck getting it onto the internet.

I have smoothwall running and can access the web service (https://smoothwallip/441) without any issues however I can not get it to go online (trying maintenance/updates or about/my smoothwall/get system id) and obviously can not get onto the internet through it.

It is set up in the following way (ip's changed from mine).

Green (my network).
IP: 192.168.0.10
Subnet: 255.255.255.0

Red: (internet)
IP: 192.168.1.2
Subnet: 255.255.255.0

DNS:
My domain dns server1
My domain DNS server 2
Gateway 192.168.1.1 (router ip).

ISDN/ADSL/DHCP server: disabled.

Any suggestions as to what I may be doing wrong?

 

[The_Unbeliever]

Hi

How did you connect to the internet without the smoothwall?

DNS server should point to the IP of your Smoothwall.

 

[AstroTurf]

Using a different (paid for) proxy, I am currently experimenting and looking for alternatives.

Just changed the DNS to the smoothwall internal ip and external ip, No change.

Tested the router again on the current working system, no issues.

 

[The_Unbeliever]

Read what I asked for.

How do you connect to the Internet without the smoothwall?

Does the router do the dialup for you?

If so, you can do one of two things :

1. Set your Smoothwall's gateway to your router's IP.
2. Put your router into bridged mode, put Smoothwall's RED interface in PPPoE mode, create a PPPoE profile under Network/PPP and let Smoothwall handle the dial-up instead of the router. (Recommended)

 

[AstroTurf]

The router handles the connection.

I will have to leave it this way as it is an Mweb/Cisco router that has a static external ip and Mweb are not willing to let me modify anything on it.
Also my other router is 3g and uses a totally different setup to ADSL for connecting.

Thanks for the help so far

I'll try a few other things but please feel free to assist if you have any other suggestions.

 

[The_Unbeliever]

Suppose your router's IP is 192.168.1.1/255.255.255.0 change your Smoothwall's public (RED) IP to the following :

192.168.1.2/255.255.255.0
Gateway : 192.168.1.1
DNS : 192.168.1.1


Use DHCP should you want to use dynamic IP's on your GREEN network. (suggestion)

 

[hyarion]

Also for initial diagnosing you should try ping an internet ip (e.g. 196.25.1.1) to see if you get a reply - Note: this should be from the smoothwall box itself, not the pc.

If you get a reply then you on the right track and can check if DNS is resolving - ping an address such as mybroadband.co.za. If you get an error then you need to solve the DNS settings.

If it pings properly then you know the remaining issues are just in getting the pc linked through the smoothwall, the red side is done.

 

[AstroTurf]

Hi,

Managed to get it working, thanks for the assistance

Still a few things (like default proxy port) I would like to change but will see if I can do it myself before bugging you again.

Ended up using the google open dns addresses, (8.8.8.8 8.8.4.4) and that seems to have fixed everything.

 

[The_Unbeliever]

Hi,

Managed to get it working, thanks for the assistance

Still a few things (like default proxy port) I would like to change but will see if I can do it myself before bugging you again.

Ended up using the google open dns addresses, (8.8.8.8 8.8.4.4) and that seems to have fixed everything.

Meh. Funny, that.

You should also set the Smoothwall to use Google's open DNS addresses - this will help you should you want to download and install add-ons/mods for Smoothwall.

 

[AstroTurf]

So far I have installed Advanced proxy, calamaris report generator and url filter (works off squidguard).

Few questions though"

Are there any better report generators around? (I would like to report by user activity over certain dates/times).
Is there some way to set the url filter to disable during tea/lunch time?

Any other addons I should try?

Thanks for all the help thus far, Smoothwall is definitely on my maybe list (just want to try a few more as well, basically just test one, set it up, try it out and if I like I put a different drive in to test the next one, if not I just format for next attempt).

 

[The_Unbeliever]

Use SARG for reports generated.

SARG : http://community.smoothwall.org/forum/viewtopic.php?f=26&t=25013

There is a way to disable URL filter (between certain times) :

After asking the question here (http://community.smoothwall.org/forum/viewtopic.php?f=12&t=32285) I got it to work...

The solution :

This mod is about to become legend...

Damagement asked me if it was possible to block facebook.com during business hours, and unblock it during lunch hours.

After asking a question (and getting a reply) I tried out URL Filter, and added the following lines to the file /var/smoothwall/urlfilter/timeconst

Thanks Thomas for the pointer!

outside,,,,,,,on,12,30,13,30,192.168.50.1/24,socialnet,block,on,block facebook sunday
outside,on,,,,,,,12,30,13,30,192.168.50.1/24,socialnet,block,on,block facebook monday
outside,,on,,,,,,12,30,13,30,192.168.50.1/24,socialnet,block,on,block facebook tuesday
outside,,,on,,,,,12,30,13,30,192.168.50.1/24,socialnet,block,on,block facebook wednesday
outside,,,,on,,,,12,30,13,30,192.168.50.1/24,socialnet,block,on,block facebook thursday
outside,,,,,on,,,12,30,13,30,192.168.50.1/24,socialnet,block,on,block facebook friday
outside,,,,,,on,,12,30,13,30,192.168.50.1/24,socialnet,block,on,block facebook sabbath

And it works beautiful. The way it was intended to work. :twisted:

Poor users gonna get facebook withdrawal symptoms... :twisted:

Thanks for a great mod!

 

[The_Unbeliever]

If you want to monitor some sites, you can try smokeping

Smokeping for Smoothwall : http://community.smoothwall.org/forum/viewtopic.php?f=26&t=29914

This will produce graphs like these :

It will not consume a lot of bandwidth though.

 

[AstroTurf]

Thanks! will try them out

I am not to interested in monitoring site usage, more user usage. My boss often asks me to give him a detailed report on what user x was doing during certain hours (usually overtime and no work done).

 

[The_Unbeliever]

Thanks! will try them out

I am not to interested in monitoring site usage, more user usage. My boss often asks me to give him a detailed report on what user x was doing during certain hours (usually overtime and no work done).

Then SARG will fit the bill nicely.

 

[medicnick83]

Read what I asked for.

Woooooooooo!!!

"Liiiiiissssstteeeeenn to Meeeeeeeeeeeeee!" hahaha!

 

[AstroTurf]

Woooooooooo!!!

"Liiiiiissssstteeeeenn to Meeeeeeeeeeeeee!" hahaha!

LOL, a simple misunderstanding

 

[The_Unbeliever]

LOL, a simple misunderstanding

It was. hehehe

Anyways, good to hear you're all good to go

 

[AstroTurf]

few more tweaks and I think this baby will go live with no further testing, Awesome so far thanks (yet again)

 

[The_Unbeliever]

few more tweaks and I think this baby will go live with no further testing, Awesome so far thanks (yet again)

In the classy days of version 2.x I put it into production without proper testing

Never failed me

 

[AstroTurf]

LOL, back in the days when I was willing to duel at noon I would have done the same but with age comes this strange need to make things work first time nowadays I would request a bullet proof vest and a temp to take my place (I would wear the vest while the temp duels in my place).

Seriously though I'll probably still test a few other options but let this run live for the intern and possibly permanently if there is no better solution.

Really liking what I see so far though.