John Hakk wrote:
> I recently added a forth NIC for a FTP server that I want LAN1 and LAN2 to have access to but am
having problems configuring.
> interface set-up:
> WAN 192.168.3.100 gateway 192.168.3.1
> LAN1 192.168.1.1
> LAN2 192.168.2.1
> FTP server 192.168.4.1
> (no access between LAN1 and LAN2)
> If I bridge the FTP server interface with either LAN1 or LAN2 the bridged LAN can access the FTP
Server but I would prefer to not have to change the bridge selection each time I want to access the
Server from the other (non-bridged) LAN.
> I have tried numerous rules but have not hit upon the right configuration. I was thinking "static
routes" but do not seem to get any where. "Block private networks" seems appropriate but toggling
on/off does not seem to change things.
> I would assume a rule such as * - FTP Server - * -* -* on the FTP Server interface would allow
access to/from any other interface on the unit. True?
Filters work on the way IN to the firewall. You need a rule on the LAN1
and LAN2 interfaces al;lowing access to the FTP server, and a rule on
the FTP LAN allowing access to LAN1 and LAN2.