Endian IP Blocking Firewall Rule

You can make a general IP ban list. You need to go to Port forwarding / Destination NAT

  • Create a new rule
  • Click on the advanced mode
  • Incoming IP: Type: Zone/VPN/Upllink. Select Uplink main – IP:All known.
  • Incoming service port, Service: Any, Port: Any.
  • In the Translate To section set Type: IP, Insert IP: leave blank, NAT: NAT
  • Access From Section.
  • Source Type: Network/IP/Range
  • Filter Policy: Drop
  • In the Network UP’s box, enter a single IPor IP CIDR. eg 61.144.2.10 or 61.144.0.0/14
  • Check the enabled box. In the comment section type Blocked Incoming IP’s
  • Make the position first.

It is important the rule is the first one, else the precending rules will overide the block. If you a list of country and/or IP CIR go to www countryipblocks net

Share

Endian Community (3.x)- network configuration using CLI- Netwizard

After you login in you Endian Appliance, simply issue the following command:

root@endian # netwizard

You will be asked a couple of questions. If the network has already been configured, the current values are shown: simply press Enter if you want to keep that value. The snippet below shows some possible values. Note that you should enter the network interfaces as eth1, eth2, and so on and not as br0, br1, and so on. IP ranges should be written in CIDR notation.

Network Configuration Wizard 
----------------------------

Hostname? myappliance.
Domain? mydomain 
RED interface type <STATIC/DHCP/GATEWAY>? DHCP 
RED device <eth0/eth1/eth2/eth3>? eth3 
Green devices <eth0/eth1/eth2>? eth0 
Green IPs (IP/CIDR)? 172.20.0.1/24 
Orange devices <eth1/eth2>? eth1 
Orange IPs (IP/CIDR)? 172.21.30.1/24 
Blue devices ? eth2 
Blue IPs (IP/CIDR)? 172.22.30.1/24 
Enable SSH access <on/off>? on 
Allow access to ports 22, 80 and 10443 from any interface <on/off>? off

Continue reading “Endian Community (3.x)- network configuration using CLI- Netwizard” »

Share

Endian Community (2.5.1)- Change the green IP address from console

Management URL: https://192.168.0.15:10443
Green IP:       192.168.0.15/24
-----------------

0) Shell
1) Reboot
2) Change Root Password
3) Change Admin Password
4) Restore Factory Defaults

Choice: 0[endian]: login
root's password:
Welcome to Endian Firewall Appliance release 2.5-0 (Deployset #0)
[endian] root: bash

Continue reading “Endian Community (2.5.1)- Change the green IP address from console” »

Share

Endian Router Blocking IP on Public Interface

You can make a general IP ban list. You need to go to Port forwarding / Destination NAT

  1. Create a new rule
  2. Click on the advanced mode
  3. Incoming IP: Type: Zone/VPN/Upllink. Select Uplink main – IP:All known.
  4. Incoming service port, Service: Any, Port: Any.
  5. In the Translate To section set Type: IP, Insert IP: leave blank, NAT: NAT

Continue reading “Endian Router Blocking IP on Public Interface” »

Share

endian: How to configure the OpenVPN client on a Linux workstation

Go to VPN > OpenVPN Server

Download the CA certificate using the link Download CA Certificate

Save the certificate locally as, lets say, /home/user/cacert.pem

Start the OpenVPN client using the following command line:

openvpn –client –pull –comp-lzo –nobind –dev tap0 –ca /home/user/cacert.pem –auth-user-pass –remote your.remote.efw

Share