LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-14-2015, 12:39 AM   #1
khaled0708
LQ Newbie
 
Registered: May 2015
Posts: 5

Rep: Reputation: Disabled
NAT From Public IP Address to Private IP Address on centos 7


I have two centos 7 Server machines. "Machine-1" is having two NIC cards, one with public ip and another with private ip address. "Machine-2" is having a one NIC card with a private IP Address. how can i configure NAT on machine-1 to forward all TCP Traffic coming on public ip to the private ip of machine-2.

Pls give me a solve.its give me pain
 
Old 05-14-2015, 10:20 AM   #2
lazydog
Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 829
Blog Entries: 1

Rep: Reputation: 137Reputation: 137
Ensure Forwarding is turned on in machine-1 then;

Code:
iptables -t nat -A PREROUTING -i <Pubilc Interface> -d <Public IP> -j DNAT --to-destination <Machine-2 IP>
iptables -t nat -A POSTROUTING -o <Public Interface> -j MASQUERADE
That is basically what you need.
 
Old 05-18-2015, 12:29 AM   #3
khaled0708
LQ Newbie
 
Registered: May 2015
Posts: 5

Original Poster
Rep: Reputation: Disabled
Dear Lazydog,
please give me full procedure.i will be thankful to you.in my office this task assigned to me.just step by step give me the procedure.i need it very urgent. pls help me out
 
Old 05-18-2015, 01:06 AM   #4
robdogj
LQ Newbie
 
Registered: Apr 2015
Distribution: @ Work Red Hat & CentOS @home LinuxMint & PepperMint
Posts: 5

Rep: Reputation: 0
Exclamation

Quote:
Originally Posted by khaled0708 View Post
Dear Lazydog,
please give me full procedure.i will be thankful to you.in my office this task assigned to me.just step by step give me the procedure.i need it very urgent. pls help me out
Lazydog gave you the procedure. You just have to fill in <Pubilc Interface> with the actual device/interface on your server.
 
Old 05-18-2015, 02:08 AM   #5
khaled0708
LQ Newbie
 
Registered: May 2015
Posts: 5

Original Poster
Rep: Reputation: Disabled
i am not too expert in linux.so i need step by step.where to edit,where to write i dont know.so be kind for me
 
Old 05-18-2015, 02:36 AM   #6
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 15,056

Rep: Reputation: 1915Reputation: 1915Reputation: 1915Reputation: 1915Reputation: 1915Reputation: 1915Reputation: 1915Reputation: 1915Reputation: 1915Reputation: 1915Reputation: 1915
In which case you shouldn't be playing with firewall rules - no wonder the Internet is so exposed to compromises.

CentOS 7 will use firewalld by default. Spend some time on learning how how to configure it - the RHEL Security Guide would be a good place to start.
 
Old 05-18-2015, 08:59 AM   #7
mddnix
Member
 
Registered: Mar 2013
Distribution: Redhat, Ubuntu
Posts: 516

Rep: Reputation: 139Reputation: 139
I assume firewalld service is up and running.

In Machine 1,

1. Add following line in /etc/sysctl.conf
Code:
net.ipv4.ip_forward = 1
2. Load sysctl settings (In terminal):
Code:
# sysctl -p
3. Enable NAT (In terminal):
Code:
# firewall-cmd --add-masquerade --permanent
# firewall-cmd --reload
4. In machine 2, set gateway to Machine-1. Something like this
Code:
cat /etc/sysconfig/network-scripts/ifcfg-xxxx
GATEWAY=xxx.xxx.xxx.xxx
Youre done.

Last edited by mddnix; 05-18-2015 at 09:03 AM.
 
Old 05-18-2015, 10:12 AM   #8
lazydog
Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 829
Blog Entries: 1

Rep: Reputation: 137Reputation: 137
I agree with if you do not know what you are doing then you should not be making any changes to the firewall PERIOD!
Install a machine at home and learn with it. In the office is a bad place to learn especially if you make a mistake.
 
Old 05-18-2015, 11:14 AM   #9
khaled0708
LQ Newbie
 
Registered: May 2015
Posts: 5

Original Poster
Rep: Reputation: Disabled
yes i do not touch the main server.first i will try myself.i understood this when i work with firewalld.i am very thankful all of you for quick response.i think you guys can help me a lot.i have interest a lot in linux.as i new in linux but try as much as i can.if anyone give me a best linux book for beginner it will be helpful for me to understand every command.i searched many book but all books are for medium level.pls help me out to give pdf or link.and i believe you all nice guy are always with me for my problem.thanks again for help.and also suggest me or give me a reference book on RHEL7 or centos 7
 
Old 05-18-2015, 09:59 PM   #10
lazydog
Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 829
Blog Entries: 1

Rep: Reputation: 137Reputation: 137
Best way to learn is install a VM and then install Centos on that and play with it. Good source is the forums. Read what others are doing and then try it yourself. If you mess-up the VM you can always re-install or better make a backup of the VM before you change it so you can re-install the VM
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Centos 7 public and private keys... sigint-ninja Linux - Newbie 2 04-15-2015 05:42 AM
AWS question: can VPC allow both a private and public IP address? Skaperen Linux - Networking 0 09-28-2012 12:40 AM
public ip address from behind nat mrtwice Linux - Networking 4 09-13-2012 10:24 AM
1-1 nat on IP other than external address. iptables CentOS crwdawg Linux - Networking 5 05-01-2011 10:27 PM
private ip address batmanred Linux - Networking 3 09-18-2009 03:34 PM


All times are GMT -5. The time now is 05:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration