Basic working configuration

General mbox is deployed as a gateway appliance with minimum router & firewall functions. So a working mbox must have the following parts configured:

    • Interface IP addresses for both WAN and LAN interfaces (details).
    • Default IP gateway route and name-server (optional if WAN is DHCP) (details)
    • DHCP address assignment for LAN users (details)
    • Basic firewall access rules and address translation rules (details)


    • enable & configure WAN (eth0) interface IP
    • enable & configure LAN (eth1) interface (assume there’s another LAN switch to connect internal PC)
    • configure default gateway and name-server
    • configure DHCP server to assign IP addresses to internal users
    • configure firewall rules to permit outbound Internet access and Port Address Translation to hide internal private IP addresses



!hostname HSG1!interface eth0 description "Connection to WAN" enable ip address dhcp!interface eth1 description "Connection to LAN" enable ip address dns range!interface eth2 description OOB-Mgmt enable ip address dhcp-server dns range!interface loopback enable ip address!ip dhcp-server start!ip name-server host rewriteip host mail host mysqldb host rewrite!ip ntp-server!firewall-input 20 permit all tcp dport 80 src admin remark "web mgmt"firewall-input 21 permit all tcp dport 22 src remark "SSH from OOB"!firewall-access 10 permit outbound eth0!firewall-snat 10 overload outbound eth0!-------------