Shailesh,

Try this.

1. Take two ethernet cards (though you can do with one also, but two for
security purposes)

2. Put your local network on eth0, let's say 192.168.1.*, with eth0 itself
as 192.168.1.1 (the rest of your windoze could be on 192.168.1.*)

3. Use your eth1 for the isp. Now if the isp gives a permanent ip address,
great, configure your eth1 for the same; if not, configure your eth1 to
pick up its address dynamically.
     route add default gw <yr isp gw> eth1

   3.a. If your eth1 is dynamic, then you will need to execute a script
that automatically runs the route add command every time it is brought up

4. To run a name server, simply install the bind, bind-utils and
caching-nameserver rpms (I would strongly recommend upgrading to rh 9.0,
since the original 7.2 has a security punctured bind).

5. I assume you will need to run a proxy.
      Install all the squid rpms on the server. For access control use
squidguard.

6. In addition to this, if you want internal systems to connect
directly to the net, using your linux box as gw:
   6.a. On all machines on your lan, add the gateway as 192.168.1.1
(ip of your linux box)
   6.b. On all machines on your lan, set the dns to 192.168.1.1
(ip of your linux box)
   6.c. A simple and correct method would be to run the linux box as a dhcp
server (on eth0) and boot all windoze from this, so that the above
config is not required on the client side.
   6.d. Execute
     echo "1" > /proc/sys/net/ipv4/ip_forward
(this will allow your linux box to masq)
   6.e. Now you need to add rules so that your internal users can go
outside (I am assuming you are going to use ipchains in 7.2)
     ipchains -F   (flush)
     ipchains -X   (remove rules)
     ipchains -A forward -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -j MASQ
(Allow all source 192.168.1.0 to talk to any outside 0.0.0.0/0.0.0.0)
You can of course add more filters as you go along.

That's it - you are on.

7. If you need people from outside to come into your network (gosh! can't
be dumber than this) you will need to add rules in the reverse direction.

8. Use webmin to configure the above, it will make your life so much
simpler.


regards,
alok sinha
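
An added example, not part of the post above: a shell script for steps 3.a and 6.d-6.e that re-adds the default route and loads the ipchains rules, extended with a default-deny forward policy and an anti-spoofing rule on eth1. The gateway address 203.0.113.1 is a constructed placeholder and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Prints the gateway commands by
# default; run as root with APPLY=1 to execute them, e.g. whenever eth1 comes up.
LAN_NET="${LAN_NET:-192.168.1.0/255.255.255.0}"  # LAN on eth0, from the post
EXT_IF="${EXT_IF:-eth1}"                         # ISP-facing card, from the post
ISP_GW="${ISP_GW:-203.0.113.1}"                  # constructed placeholder address

# Accept only addr/mask or addr/bits for the LAN network.
valid_net() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/(([0-9]{1,3}\.){3}[0-9]{1,3}|[0-9]{1,2})$'
}

# gateway_rules EXT_IF LAN_NET ISP_GW: print one command per line, in order:
#   1. default route via the ISP gateway (step 3.a)
#   2. forward policy DENY, set before the flush so no window is left open
#   3-4. flush rules, delete user-defined chains
#   5. anti-spoofing: drop and log packets arriving on EXT_IF with a LAN source
#   6. masquerade LAN traffic only when it leaves through EXT_IF
#      (in the forward chain, -i names the outgoing interface)
gateway_rules() {
    case "$1$3" in *[!A-Za-z0-9.]*) echo "bad interface or gateway" >&2; return 1;; esac
    valid_net "$2" || { echo "bad LAN network: $2" >&2; return 1; }
    cat <<EOF
route add default gw $3 $1
ipchains -P forward DENY
ipchains -F
ipchains -X
ipchains -A input -i $1 -s $2 -j DENY -l
ipchains -A forward -i $1 -s $2 -d 0.0.0.0/0.0.0.0 -j MASQ
EOF
}

# Run each command and stop at the first failure (a default route that already
# exists counts as one); forwarding is enabled only after every rule loaded.
apply_rules() {
    rules=$(gateway_rules "$EXT_IF" "$LAN_NET" "$ISP_GW") || return 1
    printf '%s\n' "$rules" | while read -r cmd; do
        $cmd || exit 1
    done && echo 1 > /proc/sys/net/ipv4/ip_forward
}

if [ "${APPLY:-0}" = "1" ]; then
    apply_rules
else
    gateway_rules "$EXT_IF" "$LAN_NET" "$ISP_GW"
fi
```
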

Naresh Narang wrote:

> O'Reilly's book "TCP/IP Network Administration" by
> Craig Hunt is a good book to start with.
>
> Regards
> --Naresh
>
> --- "Shailesh J. Kumar" <[EMAIL PROTECTED]> wrote:
> > Hi,
> >
> > I have installed Linux 7.2 on a machine, which has
> > two LAN Cards.
> >
> > One LAN Card has a Live IP given by our ISP. The
> > Other LAN Card has a Local
> > IP, which is the Gateway IP of my organization.
> >
> > I want to Setup this system to act as the Gateway of
> > the whole organization.
> > For it to act as a gateway NAT has to be configured.
> >
> > 1) How do I configure NAT on the system, for it to act
> > as a Gateway of all the
> > machines on different Platforms e.g. Win95, Win98,
> > Win2k, WinXP (User
> > Machines).
> > 2) How can I also configure this system to act as a
> > DNS Server of the whole
> > organization, replicating my ISP's DNS?
> > 3) Also can it be configured to keep a DNS Cache for
> > faster performance and
> > speed?
> >
> > I would be grateful if anyone could help me out by
> > providing me some
> > documentation or links to the above.
> >
> > Regards
> >
> > Shailesh
> >
> >
> > _______________________________________________
> > ilugd mailing list
> > [EMAIL PROTECTED]
> > http://frodo.hserus.net/mailman/listinfo/ilugd
>
> =====
> -- Naresh

