|
Linux Router
Hi,
Iīve been playing round with linux for a couple of years now and have managed to do quite a few tricks with it........but iīve hit a brick wall with this issue. Iīve been googling it all day and had no luck, iīm sure thereīs an easy solution i have overlooked. I have a Fedora box set up with 2 nics. The Firestarter GUI insalled. 2 networks - 172.x.x.x (internal) and 192.x.x.x (external) eth0 - 192.168.252.14 eth1 - 172.17.1.14 Fedora box routes everything fine from any pc on the 172.x.x.x range through to any pc on the 192.x.x.x range, but no the other way. I have set a route on the machines in the 192 range as: 172.17.1.0 255.255.255.0 192.168.252.14 (eth0) and it can pint eth1 (172.17.1.14) fine, but nothing past that. Can anyone help??? As I said, iīm sure it something really simple....and my brain is fried from sitting here for hour staring at this monitor :-( Thanx in advance. Halo |
I may be clutching at straws here but could this be a firewall issue?? I.e. Do the 192 PCs have the 172 PCs set as trusted, but the 172 PCs are blocking traffic from the 192 PCs? - Just a thought.
Also, when you say: Quote:
|
There are a couple of issues that need to be looked at. One being where is your default route set to. And probably most importantly, what you have done with the firewall. I haven't used your firestarter GUI but I do use IPtables. Typically if you put ANY chain or filter in besides the default ones that allow everything, you must put something in for everything. Get the point. So, I would first turn off iptables and then try it. If it works, its got to do with the firewall. If it doesn't, it may be your routing statements. If it is the firewall, then try writing a rule that allows the traffic one way and then write one that allows it the other way. Or however you want it set up. Try that and repost.
|
The 192.x.x.x (external) network would'nt be having any route for 172.x.x.x network.
You can verify the same with shuttting down your firewall for some time & then try if you get any replies for your ping 192.x.x.x packets ? Another thing is that i really dont understand about what you mean by 192.x.x.x network being external ????? Can you be more specific or detail in this regards ? |
Hi, and thank you for your replys.
Even with the firewall stopped, I still canīt ping the 172 network. But even if it was a firewall issue, u would think it would be stoppping me from pinging Eth1 (172.17.1.14) when itīs on...but it doesnīt. Quote:
ScooterB, with iptables stopped I get the same issue. So iīm thinkin itīs gotta be a route issue. Route -n Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.252.0 192.168.252.14 255.255.255.0 UG 0 0 0 eth0 192.168.252.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 172.16.175.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 172.17.1.0 172.17.1.14 255.255.255.0 UG 0 0 0 eth1 172.17.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 192.168.252.254 0.0.0.0 UG 0 0 0 eth0 amitsharma_26, Sorry, shouldnīt have used external. 192.x.x.x network is dmz. Thanx again for your replys. Halo |
After replying to another post similar to yours today, it came to me. You need a Source network translation rule for each of the two networks. That's why with the firewall off it still didn't work. I made a similar recommendation to another poster and he came back and said that it did the trick. Try setting up the snat statements for each netork and give it a go. Then repost.
|
Excellent........SNAT set up and networks are pinging beautifully!!! Thanx for that scooterB.....much appreciated!!
Cheers. |
You're quite welcome. That's what we're all here for. Now enjoy! :cool:
|
| All times are GMT -5. The time now is 01:29 AM. |