Friday, June 20, 2008
Configuring a home Vyatta router with DHCP Client/Server and NAT
I struggled with this quite a bit the first time around finding a source of information to configure Vyatta's router solution just because examples are hard to find (not that there are any problems with it) so here is the configuration and examples that I had, I left IP addresses in there for examples but they may have to be changed depending on your home network setup
Before entering the below commands you have to be in configure mode and after commit them to memory (the commits are in there but will not put the configure in as you could do it all in one or multipule configure sessions)
Configure Outside interface for DHCP (eth0 is my outside interface)
Configure DHCP server for the internal network (note because of line wrap this looks funny but "set service" is the start of a new line that continues all the way to the next set service. One per line)
Set NAT (genaric rule to enable nat)
Forwarding SSH (creates a rule to forward ssh from any source to any destination that comes to the outside interface eth0 , this is because I have a dynamic IP address externaly so setting the destination is not useful and do not know the IP that I will be coming from) This acts like "port forwarding" in home routers
Before entering the below commands you have to be in configure mode and after commit them to memory (the commits are in there but will not put the configure in as you could do it all in one or multipule configure sessions)
Configure Outside interface for DHCP (eth0 is my outside interface)
dhclient eth0Configure inside interface with static IP address (eth1 is my inside interface)
commit
set interfaces ethernet eth1 address 192.168.11.1/24
commit
Configure DHCP server for the internal network (note because of line wrap this looks funny but "set service" is the start of a new line that continues all the way to the next set service. One per line)
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 start 192.168.11.10This toruns on the dhcp server for the 192.168.11.0/24 network and starts handing out IP addresses at 10 and stops at 50 I also set my outside DNS server as handed out by DHCP and the default router handed out
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 start 192.168.11.10 stop 192.168.11.50
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 dns-server 24.159.193.40
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 default-router 192.168.11.1
commit
Set NAT (genaric rule to enable nat)
set service nat rule 1 outbound-interface eth0
set service nat rule 1 source address 192.168.11.0/24
set service nat rule 1 type masquerade
Forwarding SSH (creates a rule to forward ssh from any source to any destination that comes to the outside interface eth0 , this is because I have a dynamic IP address externaly so setting the destination is not useful and do not know the IP that I will be coming from) This acts like "port forwarding" in home routers
set service nat rule 2
set service nat rule 2 type destination
set service nat rule 2 inbound-interface eth0
set service nat rule 2 protocol tcp
set service nat rule 2 destination address 0.0.0.0/0
set service nat rule 2 destination port ssh
set service nat rule 2 source address 0.0.0.0/0
set service nat rule 2 inside-address address 192.168.11.48
commit
Labels: Linux, NAT, router, Vyatta
Thursday, June 19, 2008
Faxpress gives a CCE error when trying to create a new faxpress cover page “Printer in Faxpress.ini is not set in Windows”
Faxpress does not appear to correctly create the printer object as specified in C:/WINDOWS/Faxpress.ini
To resolve find this section in the .ini file:
Change the Printer = line to the name of a printer that exists on the system in my case I changed it to point at Microsoft document image writer as it existed and all users had rights to it. It is not necessary from what I have seen to point it at a different driver. (this is done on the client machines not the backend faxpress server machine)
So my changed .ini file looks like this
Remember on terminal servers used .ini files are copied to the\WINDOWS\ folder so remove the old faxpress.ini file so it reads it back in or update it with the correct one for each user wanting to create the page
If you are redirecting my documents make sure to update the redirected one not a possible local copy in the local documents and settings for the user
To resolve find this section in the .ini file:
[Cover Page]
Printer=Castelle Cover Page
File=C:\FaxPress.spl\Coverpg.pcl
Driver=FPPCL
Format=PCL
DriverInstalled=1
Change the Printer = line to the name of a printer that exists on the system in my case I changed it to point at Microsoft document image writer as it existed and all users had rights to it. It is not necessary from what I have seen to point it at a different driver. (this is done on the client machines not the backend faxpress server machine)
So my changed .ini file looks like this
[Cover Page]
Printer=Microsoft Document Image Writer
File=C:\FaxPress.spl\Coverpg.pcl
Driver=FPPCL
Format=PCL
DriverInstalled=1
Remember on terminal servers used .ini files are copied to the
If you are redirecting my documents make sure to update the redirected one not a possible local copy in the local documents and settings for the user
Labels: Faxpress, Terminal Servers, Windows server 2003
Thursday, June 5, 2008
Samba configuration
I have run across multiple times having overly complex SAMBA configurations to share with a windows system. I wanted to post a simplified version of my configuration file. This is in share mode with a single directory who's share name is str
[global]
security = share
[str]
path = /str/
writable = yes
browsable = yes
public = no
username = username
What this does is share out the file /str/ to people specified with the username filed. These users will then need a samba password setup with the smbpasswd command run in their session on the Linux machine (so for example account test1 would have to be logged in and run "smbpasswd" and set a file sharing password)
This will allow you to restrict access to just the people specified with their password.
Removing the username = field and changing the public = yes will allow you to openly share the files and make them writeable if you so desire
Another useful option is the netbios name = option (not above) which allows you to set the computers netbios name rather then having to navigate to it by IP address
Labels: Filesharing, Linux, Samba
Declaration of intent
What I intend for this blog is to be a resource for tech troubleshooting. I am hoping to regularly publish tips tricks procedures and reviews as well as possibly frustrations with products or user behavior that will hopefully help some in the tech field as other blogs have helped me.
Knowledge is power, hopefully I get a chance to empower others
Knowledge is power, hopefully I get a chance to empower others
Subscribe to Posts [Atom]