LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Can't get Suse 10.3 router/Firewall working (https://www.linuxquestions.org/questions/linux-networking-3/cant-get-suse-10-3-router-firewall-working-730745/)

Isabeau 06-04-2009 04:37 PM
Can't get Suse 10.3 router/Firewall working
 
My old Suse10.3 Firewall/router box finally died after doing great for 8 years. It started as a FreeBSD router/firewall, then I moved to RH using iptables. I finally migrated to Suse 8.x which I liked for the YAST front end to the firewall which meant no longer having to dink around with all the various configurations required. Upgraded to Suse 9.3 when it came out and then moved to 10.3 in 2007 with no problems on the old pc. Poor thing got fried during a storm and now I am trying to make my desktop Suse 10.3 the firewall/router so I don't have to go shopping for new hardware.

It should work as the configurations are exactly the same, however the lan can't see the internet, causing major game downtime.

I can see the Cable modem,internet and my LAN from the new router/firewall, however the internal LAN nodes can only see the internal zone NIC (eth0) and external zone NIC (eth1) but can't get past them to the internet (I can ping both eth0 and eth1 ipaddresses from an internal node.) Have tried pinging external IP addresses and www.yahoo.com, with destination host unreachable result.

Network Configuration as follows:
eth0 internal zone, static ip, 192.168.1.126, netmask 255.255.255.128,
eth1 external zone, DHCP, assigned address xx.xxx.25.144, netmask 255.255.248.0
Cable modem IP Address xx.86.105.65

Yast Network Settings
Network Method Setup: Traditional Setup with ifup
IPv6 disabled
DHCP CLient Options: blank
Hostname: Gandalf
Domain: local
Write Hostname to etc/hosts: checked
Enable IPForwarding: Checked
Default Gateway: xx.xxx.73.50 (this is weird, old router/firewall used it's external zone ipaddress:xx.xxx.73.50, but if I use the new router/firewall's external zone ipaddress:xx.xxx.25.144, nothing sees the internet, however if I give it the old router/firewall's external zone address the new router/firewall can get to internet, just none of the nodes on the LAN can get to internet).

Firewall is enabled although I have made no changes beyond the default as i can't get anything working now anyway.

One other issue I ran into, had to manually configure eth0 ipaddress and netmask with ifconfig, as it would not keep its configuration when done with YAST.

Hardware configuration:
ASUS M2A-VM motherboard, integrated ASUSTek RTL8111/8168B PCIe GB LAN (eth0), D-Link DFE-530TX+ 10/100 (eth1)

Been a while since I had to setup a router/firewall from scratch, may have missed something. Any ideas as to why my LAN can't get past my router/firewall?

secesh 06-05-2009 12:10 PM
No gameing!? oh no!

http://www.novell.com/coolsolutions/feature/16579.html
-- configure external interface, internal interface, and masquerading for the firewall.


off-topic: if this is just a firewall, have you considered Clark-Connect? their community edition (free) is awesome, despite their slow development.

Isabeau 06-05-2009 09:53 PM
Thanks, that worked, I had forgotten how to get the Gateway address. All I needed, works great now. Hopefully for a few more years. Life is good now, son can play games, all happy campers


All times are GMT -5. The time now is 11:16 PM.