On Sun, Feb 11, 2007 at 01:17:14PM +0100, Daria Morgendorffer wrote: > > Hi, > > excuse me for stupid question, but I got totally confused... > > LAN1 connected to a PC, IP 192.168.1.213 > WiFi received by a notebook, IP 192.168.3.213 > (IP's succesfully assigned by dnsmasq) > WAN connected to SMC Barricade, its LAN port is 192.168.2.1, WAN is > a.b.c.238 (it is probably so stupid that I want to hide details, it is a > public IP address) > > When I log as [EMAIL PROTECTED], I can ping to PC (from 192.168.1.1), I > can ping to notebook, I can ping to 192.168.2.1, I can ping to a machine > on the Internet. > > When I run ping at the PC, I can ping to notebook, I can ping > 192.168.2.1, but when I ping a machine on the Internet, I get > > From 192.168.2.1: icmp_seq=1 Redirect Host(New nexthop: a.b.c.237)
Maybe you need masquerading? In simple LAN setups each client only knows it's own subnet and the (default) route to the rest of the world. When packets are routed, the default behaviour is to not alter source or destination IP addresses, which can lead to confusion when combined. Check the output of `iptables -t nat -vnL` - is there a target called MASQUERADE? If not, try the following: `iptables -t nat -A POSTROUTING -o <WAN> -j MASQUERADE` (replacing <WAN> with the wan interface of your router, of course). this tells the router to alter the source IP address of each packet going out the wan interface, so the SMC thinks they were comming directly from the router, and also replies to it (which itself makes use of it's connection states to route it to the real destination). Greetings, Phil _______________________________________________ freewrt-users mailing list [email protected] https://www.freewrt.org/lists/listinfo/freewrt-users
