LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 01-24-2008, 09:12 AM   #1
vlady_s
LQ Newbie
 
Registered: Jan 2008
Posts: 2

Rep: Reputation: 0
IPTABLES Interet access / VPN access


Hello all,
I'm new to this forum and also new working with IPTABLES. I have a fedora core 2 Server . The configuration of my network is as follow :

Internet provider : Comcast Cable Modem
Behind my cable modem I have a Belkin 5 port Router with DHCP running and I have one Laptop (LAPTOP1) connected to this router. subnet is 192.168.1.x/24
My Fedora server ETH1 (192.168.1.51) is connected to the router as the WAN Interface.
I have a second Interface on my Fedora, ETH0 (192.168.0.10), this interface is the LAN going to a 8-port switch. Subnet is 192.168.0.x/24. Behind this switch I have a laptop (LAPTOP2) getting DHCP IP from fedora .

MY goal is to VPN in to my LAPTOP2 on for that I have a VPN server running on the Fedora server.

The problem I'm currently having with this configuration is that I'm not able to access the web from LAPTOP2 and I think it has to do with IPTABLES. here is a copy of my IPTABLE. I kind of use it from a sample I found on this forum. I hope its somthing simple to fix.
Thank you in advance !! .

# Diable forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward

LAN_IP_NET='192.168.0.10/24'
LAN_NIC='eth0'
WAN_IP='192.168.1.1'
WAN_NIC='eth1'

# load some modules (if needed)

# Flush
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
iptables -F

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# enable Masquerade and forwarding
iptables -t nat -A POSTROUTING -s $LAN_IP_NET -j MASQUERADE
iptables -A FORWARD -j ACCEPT -i $LAN_NIC -s $LAN_IP_NET
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# STATE RELATED for router
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


iptables -A INPUT -i $LAN_NIC -s $LAN_IP_NET -j ACCEPT

# sshd
iptables -A tcp_inbound -p TCP -s 0/0 --destination-port 22 -j ACCEPT


# Enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
 
Old 01-24-2008, 03:17 PM   #2
Ronin_tekorei
Member
 
Registered: May 2006
Distribution: Fedora
Posts: 57

Rep: Reputation: 15
hello
first, do you have the squid instaled and configured? or any proxy that you use?
In the iptables you are masquarading your laptop2 to the router, so all the packages that your laptop2 send to the internet or the router is going as yout server ip.
All the packets that your laptop2 forward to any location is forwarded, so your VPN will work. but in order to have internet you need a proxy instaled in your server linux, i personally prefer squid
Please, put more information about it

Last edited by Ronin_tekorei; 01-24-2008 at 03:22 PM.
 
Old 01-24-2008, 08:12 PM   #3
vlady_s
LQ Newbie
 
Registered: Jan 2008
Posts: 2

Original Poster
Rep: Reputation: 0
Ronin_tekorei ,
Thank for your reply. My Server has squid, not using it tough, I tried to start it but I get an error message. I have to look into the squid.conf file to see what is going on there , will keep you posted .
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
access vpn through proxy lostinthewoods Linux - Networking 0 01-15-2008 05:16 AM
VPN Access to LAN daveginorge Linux - Networking 2 08-07-2007 11:19 AM
How to make non-vpn machines to access VPN server deepugopi Linux - Networking 0 07-31-2007 06:55 AM
Access to LAN via VPN fpiergen Linux - Networking 3 02-15-2007 03:14 PM
How to access VPN + LAN in iptables Firewall pradeepjagtap Linux - Security 4 10-24-2006 12:08 AM


All times are GMT -5. The time now is 05:41 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration