LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 06-09-2008, 12:11 PM   #1
zivota
Member
 
Registered: May 2005
Distribution: CENTOS
Posts: 91

Rep: Reputation: 15
IPTABLES: interface on "192.168.1.0/24" won't route clients from "10.65.0.0"


My linux router has one leg in 192.168.1.0/24 network with ip 192.168.1.254. There is second linux router with one leg in the same network with ip 192.168.1.1. Behind second router there 10.65.1.0/24 network. Second router is routing traffic so traffic would appear as it comes from 10.65.1.0/24.

On the first router I have mail server as well, so I want to give access to 10.65.1.0/24 network to access mail server on 192.168.1.254. Well ... I cannot. It seems that router rejects traffic coming on 192.168.1.254 interface from 10.65.1.0/24 network


iptables -A INPUT -i eth1 -p tcp -s 10.65.1.0/24 --dport 110 -j ACCEPT
does not work.

How can I do this? NAT-ing 10.65.1.0/24 traffic is not option.
 
Old 06-09-2008, 01:31 PM   #2
tommyr1216
Member
 
Registered: Sep 2004
Location: Pennsylvania
Distribution: Gentoo, Suse, Fedora, Slackware
Posts: 56

Rep: Reputation: 15
Are you sure that the traffic is being rejected? If you disable the firewall on R1, does that traffic get through? There isn't enough detail on your setup to tell, but its possible that you need to add a static route on R1 telling it to use R2 to reach 10.65.1.0/24. Can you ping R1 from R2 and vice versa? Can you telnet to port 110 on R1 from R2?
 
Old 06-09-2008, 01:35 PM   #3
zivota
Member
 
Registered: May 2005
Distribution: CENTOS
Posts: 91

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by tommyr1216 View Post
Are you sure that the traffic is being rejected? If you disable the firewall on R1, does that traffic get through? There isn't enough detail on your setup to tell, but its possible that you need to add a static route on R1 telling it to use R2 to reach 10.65.1.0/24. Can you ping R1 from R2 and vice versa? Can you telnet to port 110 on R1 from R2?

UPPPPPSSSS you're right ... no static route to 10.65.1.0 subenet ...

Thanks tommy
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ProFTPD - "500 Sorry, no server available to handle request on 192.168.1.103" - what? orange400 Linux - General 15 05-21-2013 02:59 PM
Xlib: connection to "192.168.0.10:2.0" refused by server lumix Linux - Newbie 1 05-21-2008 06:04 PM
unable to open display "192.168.1.45:0.0" shan_nathan Linux - Desktop 1 04-29-2008 09:54 AM
Standard commands give "-bash: open: command not found" even in "su -" and "su root" mibo12 Linux - General 4 11-11-2007 10:18 PM
LXer: Displaying "MyComputer", "Trash", "Network Servers" Icons On A GNOME Desktop LXer Syndicated Linux News 0 04-02-2007 08:31 AM


All times are GMT -5. The time now is 05:38 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration