Hello All I am not an expert in Networking and hence i am posting this here for assistance. I have a CentOS Box which has 2 NICs My setup is as follows on the CentOS server. My WAN IP is 192.168.6.142/24 My WAN Gateway is 192.168.6.1/24 My LAN IP is 10.10.20.1/24 My server is able to browse the internet well. i have connected my laptop network port to the LAN port of the server. Laptop IP is 10.10.20.12/24 and i have put gateway to be 10.10.20.1 I am able to reach the gateway ie 10.10.20.1 from the laptop,however i cannot reach anything on the internet (e.g i am unable to ping 4.2.2.2 or 8.8.8.8) Basically i cannot go outside to the internet. On the server,when i do a netstat -rn,i get the following output [root@linuxlearn ~]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.6.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 10.10.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 0.0.0.0 192.168.6.1 0.0.0.0 UG 0 0 0 eth1 [root@linuxlearn ~]# I have not put a gateway on the LAN As you can see,the default route is OK. i would like to be able to access the Internet from my laptop. My questions are? 1)- Is there any config i have not done well or misconfigured? (My thinking is that my laptop should be able to go to the internet because the routing appears OK,however i stand to be corrected.) 2)- Do i need to do any NATing somewhere? Kindly give me your thoughts on this issue. Regards Cynthia
Have you enabled packet forwarding? /etc/sysctl.conf check for ipv4_forwarding or something like that. Set it to 1 On Mar 28, 2014 12:19 PM, "Cynthia Wahome" <cwahome@jambo.co.ke> wrote:
Hello All I am not an expert in Networking and hence i am posting this here for assistance.
I have a CentOS Box which has 2 NICs My setup is as follows on the CentOS server.
My WAN IP is 192.168.6.142/24 My WAN Gateway is 192.168.6.1/24 My LAN IP is 10.10.20.1/24
My server is able to browse the internet well. i have connected my laptop network port to the LAN port of the server. Laptop IP is 10.10.20.12/24 and i have put gateway to be 10.10.20.1
I am able to reach the gateway ie 10.10.20.1 from the laptop,however i cannot reach anything on the internet (e.g i am unable to ping 4.2.2.2 or 8.8.8.8) Basically i cannot go outside to the internet.
On the server,when i do a netstat -rn,i get the following output
[root@linuxlearn ~]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.6.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 10.10.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 0.0.0.0 192.168.6.1 0.0.0.0 UG 0 0 0 eth1 [root@linuxlearn ~]#
I have not put a gateway on the LAN
As you can see,the default route is OK. i would like to be able to access the Internet from my laptop.
My questions are?
1)- Is there any config i have not done well or misconfigured? (My thinking is that my laptop should be able to go to the internet because the routing appears OK,however i stand to be corrected.) 2)- Do i need to do any NATing somewhere?
Kindly give me your thoughts on this issue.
Regards Cynthia
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On 28 March 2014 12:18, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Hello All I am not an expert in Networking and hence i am posting this here for assistance.
I have a CentOS Box which has 2 NICs My setup is as follows on the CentOS server.
My WAN IP is 192.168.6.142/24 My WAN Gateway is 192.168.6.1/24 My LAN IP is 10.10.20.1/24
My server is able to browse the internet well. i have connected my laptop network port to the LAN port of the server. Laptop IP is 10.10.20.12/24 and i have put gateway to be 10.10.20.1
I am able to reach the gateway ie 10.10.20.1 from the laptop,however i cannot reach anything on the internet (e.g i am unable to ping 4.2.2.2 or 8.8.8.8) Basically i cannot go outside to the internet.
On the server,when i do a netstat -rn,i get the following output
[root@linuxlearn ~]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.6.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 10.10.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 0.0.0.0 192.168.6.1 0.0.0.0 UG 0 0 0 eth1 [root@linuxlearn ~]#
I have not put a gateway on the LAN
As you can see,the default route is OK. i would like to be able to access the Internet from my laptop.
My questions are?
1)- Is there any config i have not done well or misconfigured? (My thinking is that my laptop should be able to go to the internet because the routing appears OK,however i stand to be corrected.) 2)- Do i need to do any NATing somewhere?
Kindly give me your thoughts on this issue.
Regards Cynthia
I will assume some few things here: That your WAN/Outbound is ether0 and inbound is ether1 Behold: Exec this on command line as root: Paste one of the below: iptables -t nat -A POSTROUTING -s 10.10.20/255.255.255.0 -o eth0 -j MASQUERADE *OR the same principle here but you need to change SNAT ip everytime u change provider or WAN ip* iptables -t nat -A POSTROUTING -s 10.10.20/255.255.255.0 -j SNAT --to-source 192.168.6.142 service iptables save service iptables restart *Finally enable packet forwarding in an easy way:* echo 1 > /proc/sys/net/ipv4/ip_forward sysctl -p Start browsing. Kind Regards, Wilson./
On 28 March 2014 12:50, Thuo Wilson <lixton@gmail.com> wrote:
iptables -t nat -A POSTROUTING -s 10.10.20/255.255.255.0 -o eth0 -j MASQUERADE *OR the same principle here but you need to change SNAT ip everytime u change provider or WAN ip* iptables -t nat -A POSTROUTING -s 10.10.20/255.255.255.0 -j SNAT --to-source 192.168.6.142
Grrr ---makosa ya network address iptables -t nat -A POSTROUTING -s 10.10.20.0/255.255.255.0 -o eth0 -j MASQUERADE *OR the same principle here but you need to change SNAT ip everytime u change provider or WAN ip* iptables -t nat -A POSTROUTING -s 10.10.20.0/255.255.255.0 -j SNAT --to-source 192.168.6.142 This is why i love shortcuts: iptables -t nat -A POSTROUTING -s 10.10.20.0/24 <http://255.255.255.0/> -o eth0 -j MASQUERADE *OR the same principle here but you need to change SNAT ip everytime u change provider or WAN ip* iptables -t nat -A POSTROUTING -s 10.10.20.0/24 <http://255.255.255.0/> -j SNAT --to-source 192.168.6.142 Kind Regards, Wilson./
Hi Cynthia, All the explanations given are correct but in my experience you'll lose these settings in case the server reboots, this solution works without modifying iptables, basically what you are doing is making your linux box a router. Assuming eth0 is your WAN interface, add the following lines to /etc/rc.local echo 1 > /proc/sys/net/ipv4/ip_forward /sbin/route add default gw 192.168.6.1 dev eth0 Then restart your network service and run the rc.local script On 28 March 2014 13:04, Thuo Wilson <lixton@gmail.com> wrote:
On 28 March 2014 12:50, Thuo Wilson <lixton@gmail.com> wrote:
iptables -t nat -A POSTROUTING -s 10.10.20/255.255.255.0 -o eth0 -j MASQUERADE *OR the same principle here but you need to change SNAT ip everytime u change provider or WAN ip* iptables -t nat -A POSTROUTING -s 10.10.20/255.255.255.0 -j SNAT --to-source 192.168.6.142
Grrr ---makosa ya network address
iptables -t nat -A POSTROUTING -s 10.10.20.0/255.255.255.0 -o eth0 -j MASQUERADE *OR the same principle here but you need to change SNAT ip everytime u change provider or WAN ip* iptables -t nat -A POSTROUTING -s 10.10.20.0/255.255.255.0 -j SNAT --to-source 192.168.6.142
This is why i love shortcuts:
iptables -t nat -A POSTROUTING -s 10.10.20.0/24 <http://255.255.255.0/> -o eth0 -j MASQUERADE *OR the same principle here but you need to change SNAT ip everytime u change provider or WAN ip* iptables -t nat -A POSTROUTING -s 10.10.20.0/24 <http://255.255.255.0/> -j SNAT --to-source 192.168.6.142
Kind Regards, Wilson./
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, @njukey
On 28 March 2014 15:42, David Njuki <njukey@gmail.com> wrote:
Hi Cynthia,
All the explanations given are correct but in my experience you'll lose these settings in case the server reboots, this solution works without modifying iptables, basically what you are doing is making your linux box a router.
Assuming eth0 is your WAN interface, add the following lines to /etc/rc.local
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/route add default gw 192.168.6.1 dev eth0
Then restart your network service and run the rc.local script
Where else do you do NAT on Linux? Seem like am new to linux. Guess what "save" command does :) Why would the settings get lost while they are saved? Guess what "sysctl -p" do or mean? You would easily edit manually, like i said i love shortcuts that work. Si kushinda uki "vim" "pico" na "vi" Kind Regards, Wilson./
Yes you need to do NATing Then if you are using static IPs . remember to add DNS ips on the clients. On Fri, Mar 28, 2014 at 12:50 PM, Thuo Wilson <lixton@gmail.com> wrote:
On 28 March 2014 12:18, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Hello All I am not an expert in Networking and hence i am posting this here for assistance.
I have a CentOS Box which has 2 NICs My setup is as follows on the CentOS server.
My WAN IP is 192.168.6.142/24 My WAN Gateway is 192.168.6.1/24 My LAN IP is 10.10.20.1/24
My server is able to browse the internet well. i have connected my laptop network port to the LAN port of the server. Laptop IP is 10.10.20.12/24 and i have put gateway to be 10.10.20.1
I am able to reach the gateway ie 10.10.20.1 from the laptop,however i cannot reach anything on the internet (e.g i am unable to ping 4.2.2.2 or 8.8.8.8) Basically i cannot go outside to the internet.
On the server,when i do a netstat -rn,i get the following output
[root@linuxlearn ~]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.6.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 10.10.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 0.0.0.0 192.168.6.1 0.0.0.0 UG 0 0 0 eth1 [root@linuxlearn ~]#
I have not put a gateway on the LAN
As you can see,the default route is OK. i would like to be able to access the Internet from my laptop.
My questions are?
1)- Is there any config i have not done well or misconfigured? (My thinking is that my laptop should be able to go to the internet because the routing appears OK,however i stand to be corrected.) 2)- Do i need to do any NATing somewhere?
Kindly give me your thoughts on this issue.
Regards Cynthia
I will assume some few things here: That your WAN/Outbound is ether0 and inbound is ether1 Behold:
Exec this on command line as root: Paste one of the below:
iptables -t nat -A POSTROUTING -s 10.10.20/255.255.255.0 -o eth0 -j MASQUERADE *OR the same principle here but you need to change SNAT ip everytime u change provider or WAN ip* iptables -t nat -A POSTROUTING -s 10.10.20/255.255.255.0 -j SNAT --to-source 192.168.6.142
service iptables save service iptables restart
*Finally enable packet forwarding in an easy way:*
echo 1 > /proc/sys/net/ipv4/ip_forward sysctl -p
Start browsing.
Kind Regards, Wilson./
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Kind regards, Brian Linux registered user: . #565878
participants (5)
-
Brian Echesa -
Cynthia Wahome -
David Njuki -
James Wanjau -
Thuo Wilson