|
IPTABLES: interface on "192.168.1.0/24" won't route clients from "10.65.0.0"
My linux router has one leg in 192.168.1.0/24 network with ip 192.168.1.254. There is second linux router with one leg in the same network with ip 192.168.1.1. Behind second router there 10.65.1.0/24 network. Second router is routing traffic so traffic would appear as it comes from 10.65.1.0/24.
On the first router I have mail server as well, so I want to give access to 10.65.1.0/24 network to access mail server on 192.168.1.254. Well ... I cannot. It seems that router rejects traffic coming on 192.168.1.254 interface from 10.65.1.0/24 network iptables -A INPUT -i eth1 -p tcp -s 10.65.1.0/24 --dport 110 -j ACCEPT does not work. How can I do this? NAT-ing 10.65.1.0/24 traffic is not option. |
Are you sure that the traffic is being rejected? If you disable the firewall on R1, does that traffic get through? There isn't enough detail on your setup to tell, but its possible that you need to add a static route on R1 telling it to use R2 to reach 10.65.1.0/24. Can you ping R1 from R2 and vice versa? Can you telnet to port 110 on R1 from R2?
|
Quote:
UPPPPPSSSS you're right ... no static route to 10.65.1.0 subenet ... Thanks tommy |
| All times are GMT -5. The time now is 02:16 PM. |