[TriLUG] OwnCloud network setup question

Igor Partola igor at igorpartola.com
Tue Jul 2 12:41:49 EDT 2013


Carl,

So first, will TWC actually give you a second public IP? My
understanding was that they wouldn't though I have never tried this.

Personally, I would set this up in one of two ways:

1. Put your OwnCloud box into the DMZ on your Linksys router. Then,
optionally, firewall the OwnCloud box from accessing anything on the
LAN. If you do this, make sure you set up solid firewall rules on the
OwnCloud box as it will essentially have your TWC public IP (if someone
pings you, connects to your MySQL port, etc.)

2. Just port-forward the OwnCloud ports through your Linksys to your
OwnCloud box. You can then still optionally firewall the OwnCloud box
from the rest of the LAN if you prefer.

Both of these setups have their advantages and disadvantages. I would
start with #2 if you are unsure as it has less security implications
(e.g.: badly configured box in your DMZ that now has access to the rest
of your LAN).

Two NICs are not required for either of these. Having recently played
with mutli-homing an IPv6 host, I can say that having multiple
default routes can become tricky business.

Igor

On Tue, Jul 02, 2013 at 12:07:15PM -0400, Carl Crider wrote:
> Thank you Igor.
> 
> Yes, more of a DMZ set up. I should have used that term.
> I have my TWC modem (set as a bridge), out to my Linksys router, and there
> is a smart switch off of that (not that it plays a role in this).
> Just looking to make the external access as safe and separate as possible
> from my internal network. Reading what I've typed, I see
> your point with the IP issue. My internal LAN machines have static IP's;
> this would be ideal for the OwnCloud access as well.
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://www.trilug.org/pipermail/trilug/attachments/20130702/1a77afd1/attachment.pgp>


More information about the TriLUG mailing list