Endian Installation USB Flash Drive

This lesson describes how to create an installation USB drive for image files provided by Endian and to verify the integrity of the image file. The procedure applies to Windows users with XP, Vista, or Windows7 systems.

Requirements

You need the following to complete this lesson:

  • .iso or .img image of an Endian Appliance.
  • md5sum of the image.
  • An USB Stick.

Warning
Some USB sticks may not work with Endian devices. In particular, some Endian hardware device might fail to recognise USB Sticks with size bigger the 2Gb. so you should try with one USB stick with smaller size.

Note: ISO image files
Starting with release 5.0, Endian releases installation images as .iso file, rather than .img. However, the following procedure and suggested software can be used also with .iso files.

It is assumed that you have an Endian image file and its correspondent md5sum checksum on your computer. This lesson takes as example an image of an edge 3.0 and its correspondent md5sum file saved in C:\:

In order to create the Endian installation USB flash drive you need to download an application that allows to burn img and iso images to USB flash drives disks, like win32 Disk Imager.

Read more

Share

Endian IP Blocking Firewall Rule

You can make a general IP ban list. You need to go to Port forwarding / Destination NAT

  • Create a new rule
  • Click on the advanced mode
  • Incoming IP: Type: Zone/VPN/Upllink. Select Uplink main – IP:All known.
  • Incoming service port, Service: Any, Port: Any.
  • In the Translate To section set Type: IP, Insert IP: leave blank, NAT: NAT
  • Access From Section.
  • Source Type: Network/IP/Range
  • Filter Policy: Drop
  • In the Network UP’s box, enter a single IPor IP CIDR. eg 61.144.2.10 or 61.144.0.0/14
  • Check the enabled box. In the comment section type Blocked Incoming IP’s
  • Make the position first.

It is important the rule is the first one, else the precending rules will overide the block. If you a list of country and/or IP CIR go to www countryipblocks net

Share

Endian Community (3.x)- network configuration using CLI- Netwizard

After you login in you Endian Appliance, simply issue the following command:

root@endian # netwizard

You will be asked a couple of questions. If the network has already been configured, the current values are shown: simply press Enter if you want to keep that value. The snippet below shows some possible values. Note that you should enter the network interfaces as eth1, eth2, and so on and not as br0, br1, and so on. IP ranges should be written in CIDR notation.

Network Configuration Wizard 
----------------------------

Hostname? myappliance.
Domain? mydomain 
RED interface type <STATIC/DHCP/GATEWAY>? DHCP 
RED device <eth0/eth1/eth2/eth3>? eth3 
Green devices <eth0/eth1/eth2>? eth0 
Green IPs (IP/CIDR)? 172.20.0.1/24 
Orange devices <eth1/eth2>? eth1 
Orange IPs (IP/CIDR)? 172.21.30.1/24 
Blue devices ? eth2 
Blue IPs (IP/CIDR)? 172.22.30.1/24 
Enable SSH access <on/off>? on 
Allow access to ports 22, 80 and 10443 from any interface <on/off>? off

Read more

Share

Endian Community (2.5.1)- Change the green IP address from console

Management URL: https://192.168.0.15:10443
Green IP:       192.168.0.15/24
-----------------

0) Shell
1) Reboot
2) Change Root Password
3) Change Admin Password
4) Restore Factory Defaults

Choice: 0[endian]: login
root's password:
Welcome to Endian Firewall Appliance release 2.5-0 (Deployset #0)
[endian] root: bash

Read more

Share

endian: How to configure the OpenVPN client on a Linux workstation

Go to VPN > OpenVPN Server

Download the CA certificate using the link Download CA Certificate

Save the certificate locally as, lets say, /home/user/cacert.pem

Start the OpenVPN client using the following command line:

openvpn –client –pull –comp-lzo –nobind –dev tap0 –ca /home/user/cacert.pem –auth-user-pass –remote your.remote.efw

Share