Routing problem
Hi All Linux and Network Experts,
I am quite a newbie in networking, and especially where more than one NIC is present I face problems with routing. Now I will explain my problem.
My company is very small scale, with 30 PCs connected via a hardware ADSL router. I am assigned an IP dynamically by my ISP to my hardware router, which is a CNET router. The router connected to the switch works just fine for the entire network.
Now I want to protect my network by letting the router connect to the firewall machine, which is a Compaq ProLiant ML350 with 2 LAN cards, eth0 and eth1. I am connecting the hardware router to eth0, with the IP of eth0 as 10.0.0.1, subnet mask 255.0.0.0, and the router address as 10.0.0.254, subnet mask 255.0.0.0. Here the default gateway for eth0 is 10.0.0.254, i.e. the hardware router address. That's working fine and I am getting internet on my Compaq server.
Now I am connecting my eth1 to my LAN, with IP 192.168.1.1 and subnet 255.255.255.0 for eth1, for the network 192.168.1.0. The gateway for eth1 is 10.0.0.1, i.e. the eth0 interface.
The machines on the LAN are able to ping my Compaq ProLiant server on both interfaces, i.e. eth0 with 10.0.0.1 and eth1 with 192.168.1.1, but cannot ping 10.0.0.254, i.e. the hardware router. The machines on the LAN are also not able to use the internet.
Can somebody guide me as to what the solution to this problem is? I want some advice as to whether I need to do some other settings or some routes or what, I don't know. Please reply as soon as possible as I want to start implementing this fast.
Previously it was just a Windows OS and used to do nothing, but now I want to use this server for a better purpose in the office, to make use of the resource, and I can also implement some other services like FTP and mail for my office. Please advise. Thanks for your patience in looking into this problem.
Jimmax
First, you may only have one default gateway. Your internal NIC config file should not have a gateway.
Second, did you enable IP forwarding? Did you enable IP masquerade (or does your router handle this?)?
Hi, thanks for the response.
How do I enable IP Masquerading? I have enabled IP Forwarding though, in the /etc/sysctl.conf file. Please advise how to enable IP Masquerading. I have IP Tables installed but don't know anything about IP Tables rules and stuff, which I also want to learn. I have tried looking at some places but it's all quite complex to start with, so can you please advise me as to how I should do that?
Thanks.
Jimmax
iptables -t filter -A FORWARD -i eth1 -o eth0 -j ACCEPT -m state --state NEW,ESTABLISHED,RELATED
iptables -t nat -A POSTROUTING -i eth1 -o eth0 -j MASQUERADE
You can't use -i with POSTROUTING
Hi there,
It is giving an error stating:
[root@advantage root]# iptables -t nat -A POSTROUTING -i eth1 -o eth0 -j MASQUERADE
iptables v1.2.7a: Can't use -i with POSTROUTING
Try `iptables -h' or 'iptables --help' for more information.
Now what should I do? Please advise.
Thanks,
Jimmy
Sorry, remove the -i eth1 from the POSTROUTING line.
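The corrected rules from this thread as a dry-run gateway script. This is an added example, not posted by any participant. Beyond the thread it assumes a default-deny FORWARD policy, a return-traffic rule, a `-s 192.168.1.0/24` match standing in for the rejected `-i eth1`, and a hypothetical `check_rule` helper that catches the interface/chain mistake before a rule is run.

```shell
#!/bin/sh
# Added example. Topology from the thread: eth1 = LAN 192.168.1.0/24,
# eth0 = 10.0.0.1 facing the ADSL router at 10.0.0.254.
LAN_IF=eth1
WAN_IF=eth0
LAN_NET=192.168.1.0/24
# Dry run by default: commands are printed. Run as root with IPT=iptables to apply.
IPT=${IPT:-echo iptables}

# iptables knows the input interface only in PREROUTING, INPUT and FORWARD, and
# the output interface only in FORWARD, OUTPUT and POSTROUTING.
# Returns 1 for a rule that mixes them up, as the thread's MASQUERADE line did.
check_rule() {
    chain="" prev=""
    for w in "$@"; do
        case "$prev" in -A|-I) chain=$w ;; esac
        prev=$w
    done
    for w in "$@"; do
        case "$w:$chain" in
            -i:POSTROUTING|-i:OUTPUT)
                echo "rejected: -i cannot be used in $chain" >&2; return 1 ;;
            -o:PREROUTING|-o:INPUT)
                echo "rejected: -o cannot be used in $chain" >&2; return 1 ;;
        esac
    done
    return 0
}

# Lint a rule, then print or apply it.
rule() { check_rule "$@" && $IPT "$@"; }

gateway_rules() {
    # Assumption, not from the thread: drop forwarded traffic unless a rule allows it.
    $IPT -P FORWARD DROP
    # LAN hosts may open connections outward ...
    rule -t filter -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    # ... and only replies to those connections may come back in.
    rule -t filter -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    # POSTROUTING cannot match -i eth1; the source network expresses "from the LAN".
    rule -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN_IF" -j MASQUERADE
}

gateway_rules
```

IP forwarding still has to be enabled separately, as it was here through /etc/sysctl.conf.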