Endian Community Edition

COKE CAN

Once I install it and it reboots, where do I go from there? I get the root log in screen, do I need to log in and leave it? If so, I cannot connect to the web page. I set the green's IP address and then set my pc in the same range. Now, I have 3 NICs, how do I know which one to plug my PC into on the firewall?

Steve
 
Start out small, pull all your cards out except for one and connect to that one with your other system. If you are going system to system you will need a crossover cable. After your initial setup, shut down and put the other cards in and then configure those through the web interface. It's a little different than Smoothwall and IPCop on the setup.
 
You don't need to log into console of the PC running it..just leave it sitting in the corner headless

Login by default is just http://whatever IP address you have the green nic

3x NICs..ack, that'll make trial and error run. It needs to have a live connection on the NIC as it powers up. So power cycle all as you power up the Endian box, and your PC. It'll be easier to put all into a switch. Then once in the web admin, hopefully you have different brand NICs..and you can go in and fiddle with your red and blue or orange zone.
 
YeOldeStonecat said:
You don't need to log into console of the PC running it..just leave it sitting in the corner headless

Login by default is just http://whatever IP address you have the green nic

3x NICs..ack, that'll make trial and error run. It needs to have a live connection on the NIC as it powers up. So power cycle all as you power up the Endian box, and your PC. It'll be easier to put all into a switch. Then once in the web admin, hopefully you have different brand NICs..and you can go in and fiddle with your red and blue or orange zone.

Ok, now I am getting confused, lol.

Once I install it I log in as root and leave it right?

For the moment, I am planning on running one machine off of it for the time being until I get another switch for my Cisco lab.

So I am looking at this: Cable Modem >> Endian Firewall >> Computer

Unfortunately the NICs are all 3COM 3C905

I need a cross over to go from the Endian Box to the PC right?

Also, in order to find the correct NIC I have to plug the cables into the NIC and restart the machine each time?

Just want to confirm this before I get off work
 
The Endian box...you do not have to sit at that box and log in, there's no reason to. You can simply hit the power button on it...and walk away. You don't even need a kb/mouse/monitor connected to it.

Having tried a few *nix distros..the setup is one thing I found to be slightly more difficult with Endian....as during setup, you only see "eth0, eth1, eth2", etc. instead of Intel Pro, 3COM, blah blah....like with IPCop or pfSense.

However...you do have 3x 3COM NICs. So guess it doesn't matter...any *nix distro will make this difficult. So it's trial and error.

Yeah if no hub or switch...a crossover cable. You'll have to trial and error..power cycling..until you can hit that web admin. Once you have that..you're golden.
 
Sweet, I am sure then my main problem was with the crossover cable. I don't know why that didn't cross my mind. I guess my title should still be "n00bie"

Thanks for the great help!
 
I would add my own experience setting up Endian... Sometimes, it's best to first connect the box to a switch and connect your computer on the same switch, but unplug everything else to avoid conflicts and possible ghost DHCP leases.

Normally, with Endian, you need to find the "GREEN" interface card then if you do, you should be able to enter http://192.168.1.1:10443/ which is the default interface address. When you get there, you will see more configuration options so continue there.

I would agree with the advice of plugging in only 1 NIC, setting up till you are satisfied, then adding one more and continuing from there since Endian will remember which NIC is linked to which interface and label the cards to help. Another way is to note the MAC address of each NIC and select the proper one since it displays the entire MAC address for each NIC. This is from my experience, having 3C905 as well ;)
 
initial setup on your Endian box will require you to mess with some BIOS settings so it doesn't hang on some kind of a keyboard or "no mouse" error if you want to run it headless..have a monitor hooked up to it on first reboot with no keyboard or mouse attached to make sure it will boot up clean

generally I have noticed with Endian, IPCop, and Smoothwall is that they usually assign your physically higher up NIC as green .... and with Endian, you configure your red and blue/orange once you log into the box via its own little web/configure page

if you use Dansguardian and want to update it .. grab latest big blacklist from urlblacklist.com and completely untar it and then WinSCP into your Endian box and simply drop the blacklist (the completely untarred blacklist folder, not the blacklist folder with a still tarred up file inside it) into /etc/dansguardian/ and overwrite the existing blacklist folder there ..and then presto change-o you'll have many more categories now showing in which you can choose from

hmm ...that was a smidge off topic methinks ..

:p

 
COKE CAN said:
What does that blacklist file do for me? Sorry if that is a dumb question.
Endian has DansGuardian integrated into it with its own limited blacklist already installed ..which has categories that DansGuardian draws from to know what sites to block and/or what words to look for to block a particular site if it has too many words that it deems "bad" based on the list of bad words that it draws from ..

once you log into your Endian box via https://192.168.0.1:10443 (or whatever your Endian box's IP actually is) you'll see categories in the DG section in which you can check to have DG block or look for those particular types of words when filtering

the "bigblacklist" download you can obtain from http://www.urlblacklist.com is just an update blacklist with more categories than what comes by default with your endian installation

your first download from them is free, but they ask that you sign up and set up some kind of payment to coincide with the frequency you wish to download any further updates

The place I work at pays for monthly updates from them ..so once a month I grab an updated blacklist file from them and update a few Smoothwall Express 2.0 boxes and one Endian box , all of them running Dansguardian or Advanced Web Proxy 2.0.1 with Urlfilter 1.4.0 .. I am just starting to play with Endian , and once I figure out how to setup multiple groups in DG , I think I will replace our main Smoothwall box with Endian as we can really take advantage of the built in spam tagging on our many pop3 email accounts we have on campus here..

lol, were you able to get a recognizable answer to your question out of that?

 
ThreeDee,

Yes, that was a great explanation! And thanks to everyone who answered!

I hope to put this stuff to use tonight

:)
 
Ok, so I bought a crossover cable.

I come home and get logged into the Endian machine via the crossover cable. I accept the cert and proceed to set up. I follow through the 7 steps and get to the end. The page does not refresh and when I click any link, it tells me that my cert was signed with another serial or something to that effect.

Someone please help me. I couldn't go any further in the web-console
 
as long as you left "Green" as whatever you initially set it up as ..you shouldn't have any issues with closing down your browser and then relogging into https://192.168.0.1:10443 (or whatever IP address you gave it)

are you running Windows or Linux by the way?


[F]old|[H]ard
 
Just built another one..we're going to deploy at a small manufacturing plant that does prefab work for data/communications closets. Utilizing it to wash their mail...separate public IP just for SMTP traffic.
 
YeOldeStonecat said:
Just built another one..we're going to deploy at a small manufacturing plant that does prefab work for data/communications closets. Utilizing it to wash their mail...separate public IP just for SMTP traffic.

Woah Woah Woah

Hey buddy, don't come in here flaunting your working Endian Firewall!

lmao :D

JK
 
Is yours still hung up? Cert shouldn't matter...just empty internet cache and go again.

Can you get replies when you ping it? Are you on a static LAN IP?
 
YeOldeStonecat said:
Is yours still hung up? Cert shouldn't matter...just empty internet cache and go again.

Can you get replies when you ping it? Are you on a static LAN IP?

I reinstalled the system, changed my IP to a static IP in that range (192.168.0.2)

I get "unable to connect"

I will try clearing cache when I get back to my condo tonight
 
COKE CAN said:
I reinstalled the system, changed my IP to a static IP in that range (192.168.0.2)

I get "unable to connect"

I will try clearing cache when I get back to my condo tonight

Did you also put the subnet? For some reason on this build here..I also entered the gateway (IP of Endian)...although that shouldn't matter..as the web admin isn't part of another network.

DHCP is disabled by default, and the outbound firewall is enabled by default..so only web traffic will work at first until you turn off the outbound firewall or fiddle with it more.
 
COKE CAN said:
I reinstalled the system, changed my IP to a static IP in that range (192.168.0.2)

I get "unable to connect"

I will try clearing cache when I get back to my condo tonight

I believe the Endian box green interface defaults to 192.168.1.1 so set up to 192.168.1.2 instead of 0.
 
Xilikon said:
I believe the Endian box green interface defaults to 192.168.1.1 so set up to 192.168.1.2 instead of 0.

You choose the IP during setup. I chose 192.168.0.1
 
YeOldeStonecat said:
Did you also put the subnet? For some reason on this build here..I also entered the gateway (IP of Endian)...although that shouldn't matter..as the web admin isn't part of another network.

DHCP is disabled by default, and the outbound firewall is enabled by default..so only web traffic will work at first until you turn off the outbound firewall or fiddle with it more.

I cannot get to the web console to change anything
 
did you mistakenly change the green interface to another nic by chance?


[F]old|[H]ard
 
ThreeDee said:
did you mistakenly change the green interface to another nic by chance?


[F]old|[H]ard

Tried them all. Each time I changed NICs I would reboot the system
 
Are you setting your Windows machine with a static IP address or is it trying to get an address from the EFW? You need to set your Windows IP address static in the same range as your EFW. Without doing this it won't know where to broadcast and where to listen.
 
YARDofSTUF said:
I had that cert problem before with FF, went over to IE and it worked fine.

I can't even get back to that point again. But I did try when it was happening...
 
as far as the cert "problem" ..it's just a matter of closing out your browser completely and then relaunching it to get back into the endian page ..

do you have the gateway set as 192.168.0.1 then in your network settings?

maybe try reinstalling again, make double/triple sure of your settings before saving them when setting up the NICs again ..maybe you mistyped something or the like of which I have done in the past like putting "198.162.0.1" and it was like I was dyslexic or something because it took me forever trying to troubleshoot my "problem" even tho I looked at my IP settings several times before it actually registered what I had done.

..one of my "Duh.." moments at its finest. Maybe you did something similar...who knows
:confused:


[F]old|[H]ard
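
The addressing mistakes raised in this thread (a PC on 192.168.0.x while GREEN sits on 192.168.1.1, or a transposed address such as 198.162.0.1) can be checked mechanically before suspecting the NIC or the certificate. This is an added example, not part of any post; the function names `check_addressing` and `port_open` are hypothetical, and 10443 is the web admin port quoted in the thread.

```python
import ipaddress
import socket


def check_addressing(pc_ip, netmask, green_ip):
    """Return a list of addressing problems that would stop the PC reaching GREEN."""
    problems = []
    pc = ipaddress.ip_interface(f"{pc_ip}/{netmask}")
    green = ipaddress.ip_address(green_ip)
    # A LAN-side firewall address should be private; 198.162.x.x is not.
    if not green.is_private:
        problems.append(f"{green} is not a private address; check for swapped digits")
    # With no gateway on a crossover link, both ends must share one subnet.
    if green not in pc.network:
        problems.append(f"{green} is outside the PC's subnet {pc.network}")
    if green == pc.ip:
        problems.append("PC and GREEN are configured with the same address")
    return problems


def port_open(host, port=10443, timeout=3.0):
    """TCP connect test against the web admin port; True if something answers."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs based on the cases discussed in the thread.
    cases = [
        ("192.168.0.2", "255.255.255.0", "192.168.0.1"),  # matching /24
        ("192.168.0.2", "255.255.255.0", "192.168.1.1"),  # GREEN on another /24
        ("192.168.0.2", "255.255.255.0", "198.162.0.1"),  # transposed octets
    ]
    for pc_ip, mask, green_ip in cases:
        issues = check_addressing(pc_ip, mask, green_ip)
        print(f"{pc_ip} -> {green_ip}: {issues or 'addressing OK'}")
        if not issues:
            # Only probe the port once the addressing itself is sane.
            state = "answering" if port_open(green_ip) else "not reachable"
            print(f"  web admin on {green_ip}:10443 is {state}")
```

If the addressing is clean but the port probe still fails, the remaining suspects are the ones the thread names: the cable type, or the wrong physical NIC being GREEN.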
 
When I went through the install the only IP address I set was GREEN (192.168.0.1). Then initial install finished and rebooted to a text based log in. I left that and went to my pc, the whole time the cross over was connected to both machines. At my PC, I changed the IP addr to 192.168.0.2/255.255.255.0. Then I opened Firefox (2.0 if it matters) and typed in https://192.168.0.1:10443

I then get the connection timed out page.

I made it to the PHP portal in Endian once. I haven't been able to establish a connection to the firewall since.
 
COKE CAN said:
When I went through the install the only IP address I set was GREEN (192.168.0.1). Then initial install finished and rebooted to a text based log in. I left that and went to my pc, the whole time the cross over was connected to both machines. At my PC, I changed the IP addr to 192.168.0.2/255.255.255.0. Then I opened Firefox (2.0 if it matters) and typed in https://192.168.0.1:10443

I then get the connection timed out page.

I made it to the PHP portal in Endian once. I haven't been able to establish a connection to the firewall since.

You don't even need the "S" and port 10443.......just type in 192.168.0.1..once you accept the cert, it'll redirect you to the S/port.

Make sure you power up Endian with its NICs plugged into something live..else they don't start up.
 
Reinstall it with only 1 NIC, that's how I installed mine, can you also use a hub/switch instead of a crossover?
 
dbwillis said:
Reinstall it with only 1 NIC, that's how I installed mine, can you also use a hub/switch instead of a crossover?

I don't have one readily available. I will try the one NIC thing. If I remove the other 2, how difficult is it to install them (driver wise) into the system? Or will they auto detect?
 