On Sun, Nov 04, 2007 at 10:34:29PM +0100, P?l Cs?nyi wrote: > 2007/11/4, Douglas A. Tutty <[EMAIL PROTECTED]>: > > On Sat, Nov 03, 2007 at 07:46:20PM +0100, P?l Cs?nyi wrote: > > > > > > I have a Cable Modem connection to my ISP. > > > > my ISP > | > Cable Modem connection to my ISP > | > eth3 > get an IP address > from dhcp server of my ISP > 10.91.0.xxx > | > PC box-1 firewall/gateway > ========================= > eth1 eth2 > 192.168.1.1 192.168.2.1 > | | > LAN DMZ > | | > eth0 eth0 > 192.168.1.98 192.168.2.100 > | | > PC box-2 PC box-3 > desktop server > Debian Etch Debian Etch > =========== =========== > > > > I can connect from the PC box-1 to the internet, > > > but can't connect from LAN & from DMZ to the internet. > > > > > > I use shorewall on all boxes, but even when I do > > > shorewall clear on all boxes, I still can't to connect to the > > > internet from LAN & DMZ. > > > > > > On the firewall/gateway I have dhcp server which give > > > IP addresses to box-2 & box-3. > > > > > > I set up on both box-2 & box-3 the dhcp client to get the > > > domain-name-servers, and have these servers in resolv.conf. > > > > Did you enable packet forwarding on box 1? > > Yes I did. > /proc/sys/net/ipv4/ip_forward > is 1 > > > Is shorewall masquerading for you? > > No, I have not a public IP address yet, so I don't need it.
Yes, you do. You have three networks: 192.168.1.0, 192.168.2.0, and 10.91.0.0. The cable modem will route from the 10.91.0.0 but won't route from other networks. > > Test by pinging by IP number and worry about DNS once IP works. ^^^^^^^^^ > > from PC box-1 ping PC box-2 > ping 192.168.1.98 > OK > > from PC box-1 ping PC box-3 > ping 192.168.2.100 > OK > > from PC box-1 ping www.google.com > ping www.google.com > OK What IP number does it ping? > > from PC box-2 ping PC box-1 > ping 192.168.1.1 > OK > > from PC box-2 ping www.google.com > ping www.google.com > ping: unknown host www.google.com > Try pining google's IP number (from above). > from PC box-3 ping PC box-1 > ping 192.168.1.1 > OK > > from PC box-3 ping www.google.com > ping www.google.com > ping: unknown host www.google.com > > ditto. > I set up on PC box-1 & box-2 & box-3 dhcpclient so > they get domain-name-servers of my ISP correctly. > I can see the correct nameservers in resolv.conf > of both boxes. > > I don't understand what is missing here more? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]