RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rune Berge

On Fri, 28 Feb 2003, Larry Brown wrote:

> Just to know more about Smoothwall, did you try the fgrep static-routes
> /etc/sysconfig/network-scripts/ifup* command?  It helps just in case I come
> across someone else that is using it and has some similar/related question.

As I said in an earlier post: There is no /etc/sysconfig directory.

Rune



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list


RE: Connecting two networks through a RedHat box

2003-02-28 Thread Larry Brown
Originally in 6.2 (I think) I used to have one ethX that had the GATEWAY=
line and used that to denote the gateway.  Subsequently I had a problem
where I had a more recent version and went to change the gateway in the ethX
scripts and it was not there.  I added the GATEWAY= line and it still didn't
work.  I ultimately found that there was a line in /etc/sysconfig/network
for the gateway.  I changed it and took the lines out of the ethX and it
worked fine.  I also found that the GUI tools were not making any changes to
ethX for the gateway, but rather to just /etc/sysconfig/network so I
abandoned using ethX.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rodolfo J. Paiz
Sent: Friday, February 28, 2003 5:04 PM
To: Red Hat List
Subject: RE: Connecting two networks through a RedHat box

On Fri, 2003-02-28 at 15:43, Larry Brown wrote:
> Don't put the GATEWAY= line in there though.  This can mess you up if you
> change the gateway in the future since it is now stored in the
> /etc/sysconfig/network file.

Does "it is now stored" mean "it is now always supposed to be stored" in
recent versions of Red Hat, and I didn't notice?

Or does it mean "it's stored because we put it there in previous
attempts at troubleshooting"?

I've always been used to having a GATEWAY for each device, then adding
(for example) "GATEWAYDEV=eth0" to /etc/sysconfig/network...

--
Rodolfo J. Paiz
[EMAIL PROTECTED]






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Larry Brown
Just to know more about Smoothwall, did you try the fgrep static-routes
/etc/sysconfig/network-scripts/ifup* command?  It helps just in case I come
across someone else that is using it and has some similar/related question.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Friday, February 28, 2003 4:57 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Fri, 28 Feb 2003, Larry Brown wrote:

> The only difference between placing it in /etc/sysconfig/static-routes
> (which does not exist until you create one) and placing it in sysinit is
> that if you give the service network restart command it will not get run and
> the route will drop.

Neither the /etc/sysconfig directory nor the service command exist on the
smoothwall box, so I think I'll just keep it in sysinit.

Rune





RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rodolfo J. Paiz
On Fri, 2003-02-28 at 15:43, Larry Brown wrote:
> Don't put the GATEWAY= line in there though.  This can mess you up if you
> change the gateway in the future since it is now stored in the
> /etc/sysconfig/network file.

Does "it is now stored" mean "it is now always supposed to be stored" in
recent versions of Red Hat, and I didn't notice?

Or does it mean "it's stored because we put it there in previous
attempts at troubleshooting"?

I've always been used to having a GATEWAY for each device, then adding
(for example) "GATEWAYDEV=eth0" to /etc/sysconfig/network...

-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rune Berge

On 28 Feb 2003, Rodolfo J. Paiz wrote:

> On Fri, 2003-02-28 at 15:03, Rune Berge wrote:
> > The file ifcfg-eth1 doesn't exist. Only ifcfg-eth0. Would it be sufficient
> > to copy ifcfg-eth0 and alter it, or is there more to it?
>
> It is sufficient to copy and alter it. Bottom line, you should have
> something like the following (customize to use your numbers, of course):

OK. I did, and ran service network restart, and everything seems to be ok,
so I guess that's it then. Thanks!

Rune






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rune Berge

On Fri, 28 Feb 2003, Larry Brown wrote:

> The only difference between placing it in /etc/sysconfig/static-routes
> (which does not exist until you create one) and placing it in sysinit is
> that if you give the service network restart command it will not get run and
> the route will drop.

Neither the /etc/sysconfig directory nor the service command exist on the
smoothwall box, so I think I'll just keep it in sysinit.

Rune





RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rodolfo J. Paiz
On Fri, 2003-02-28 at 15:36, Larry Brown wrote:
> The only difference between placing it in /etc/sysconfig/static-routes
> (which does not exist until you create one) and placing it in sysinit is
> that if you give the service network restart command it will not get run and
> the route will drop.  Sysinit only gets parsed on startup.

Generally, there is usually a "better" place to put things than rc.local
or rc.sysinit (in your two cases today, sysctl.conf and static-routes).
People mostly put stuff in rc.local or rc.sysinit when they don't know
what the "better" place is. Works, but with some weaknesses.

-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Larry Brown
Don't put the GATEWAY= line in there though.  This can mess you up if you
change the gateway in the future since it is now stored in the
/etc/sysconfig/network file.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rodolfo J. Paiz
Sent: Friday, February 28, 2003 4:35 PM
To: Red Hat List
Subject: RE: Connecting two networks through a RedHat box

On Fri, 2003-02-28 at 15:03, Rune Berge wrote:
> The file ifcfg-eth1 doesn't exist. Only ifcfg-eth0. Would it be sufficient
> to copy ifcfg-eth0 and alter it, or is there more to it?

It is sufficient to copy and alter it. Bottom line, you should have
something like the following (customize to use your numbers, of course):

DEVICE=eth1
NAME=internal
IPADDR=192.168.1.10
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
ONBOOT=yes
USERCTL=no

Other entries are possible but in this case unnecessary. If you want the
gory details of what's possible, there's a file somewhere in
/usr/share/doc/initscripts...something that describes this. But the
above will do exactly what you need.

--
Rodolfo J. Paiz
[EMAIL PROTECTED]






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rodolfo J. Paiz
On Fri, 2003-02-28 at 15:03, Rune Berge wrote:
> The file ifcfg-eth1 doesn't exist. Only ifcfg-eth0. Would it be sufficient
> to copy ifcfg-eth0 and alter it, or is there more to it?

It is sufficient to copy and alter it. Bottom line, you should have
something like the following (customize to use your numbers, of course):

DEVICE=eth1
NAME=internal
IPADDR=192.168.1.10
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
ONBOOT=yes
USERCTL=no

Other entries are possible but in this case unnecessary. If you want the
gory details of what's possible, there's a file somewhere in
/usr/share/doc/initscripts...something that describes this. But the
above will do exactly what you need.

-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Larry Brown
The only difference between placing it in /etc/sysconfig/static-routes
(which does not exist until you create one) and placing it in sysinit is
that if you give the service network restart command it will not get run and
the route will drop.  Sysinit only gets parsed on startup.  Also, make sure
you test the /etc/sysconfig/static-routes method if you are going to use it.
According to the RH documentation that is how it should be done but I don't
know if Smoothwall makes any modification to this nor do I know how many
versions back in RH it works that way.  I tested RH8 and it works perfectly
as described.  Another way to verify that it looks for this is running:

fgrep static-routes /etc/sysconfig/network-scripts/ifup*

Look through the results and you should see an entry:

if [ -f /etc/sysconfig/static-routes ]; then

That is where it checks for your file.  In RH8 this is in ifup-aliases but
earlier versions of RH might have it in a different script but in that
folder under ifup.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Friday, February 28, 2003 4:17 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Fri, 28 Feb 2003, Larry Brown wrote:

> route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.10
>
> It turns out that that is not persistent.  When you reboot that box it will
> remove the entry.  There are two ways of making it persistent.  The first is
> to add the entire line to its rc.local.  The second is to create an
> /etc/sysconfig/static-routes which is the better choice.

Neither of the two files you mention exist on my smoothwall system, so I
added the line at the end of /etc/rc.d/sysinit instead. That would do the
trick, wouldn't it?

Rune





RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rune Berge

On Fri, 28 Feb 2003, Larry Brown wrote:

> route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.10
>
> It turns out that that is not persistent.  When you reboot that box it will
> remove the entry.  There are two ways of making it persistent.  The first is
> to add the entire line to its rc.local.  The second is to create an
> /etc/sysconfig/static-routes which is the better choice.

Neither of the two files you mention exist on my smoothwall system, so I
added the line at the end of /etc/rc.d/sysinit instead. That would do the
trick, wouldn't it?

Rune





RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rune Berge

On 28 Feb 2003, Rodolfo J. Paiz wrote:

> On Fri, 2003-02-28 at 12:44, Rune Berge wrote:
> > For some reason it disabled ip forwarding. I enabled it again but it would
> > be nice to make the setting permanent.
>
> I think you change this in /etc/sysconfig/sysctl.conf but I'm not sure.

The file was in /etc, but otherwise you were right. Thanks.

> > Also, it doesn't seem like it restarted eth1. Does that mean that
> > eth1 won't be brought up automatically if I reboot the redhat box?
>
> Make sure /etc/sysconfig/network-scripts/ifcfg-eth1 has "ONBOOT=yes"
> somewhere in it. Then restart the network to be sure; it should come up
> immediately and automatically.

The file ifcfg-eth1 doesn't exist. Only ifcfg-eth0. Would it be sufficient
to copy ifcfg-eth0 and alter it, or is there more to it?

Rune





RE: Connecting two networks through a RedHat box

2003-02-28 Thread Larry Brown
OK, the line in /etc/sysconfig/static-routes is...

eth0 net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.10

so whenever eth0 is brought up either from a reboot or from "service network
restart" the route will be added.  Again this is on the smoothwall box.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Larry Brown
Sent: Friday, February 28, 2003 2:35 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box

I'm glad it helped.  Put the ip_forward entry into your rc.local and it will
turn forwarding on when you reboot.  Also, I was doing a little research on
the route entries like the static route we added to your firewall...

route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.10

It turns out that that is not persistent.  When you reboot that box it will
remove the entry.  There are two ways of making it persistent.  The first is
to add the entire line to its rc.local.  The second is to create an
/etc/sysconfig/static-routes which is the better choice.  However, in the
static routes the format is different.  It is run by the script if-up which
is parsed when bringing up a network card.  I'm checking on the exact syntax
now...

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Friday, February 28, 2003 1:44 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Thu, 27 Feb 2003, Larry Brown wrote:

> Oh, I see the redhat box does not have a default gw.  You need to edit
> /etc/sysconfig/network on the redhat box and make sure you have:
>
> GATEWAY=192.168.0.1
>
> And then do a:
>
> service network restart

/etc/sysconfig/network did contain "GATEWAY=192.168.0.1", but when I ran a
service network restart it worked again, so I guess the gateway setting
had been altered for some reason.

Output from service network restart on the redhat box:
Shutting down interface eth0:  [  OK  ]
Shutting down loopback interface:  [  OK  ]
Disabling IPv4 packet forwarding:  [  OK  ]
Setting network parameters:  [  OK  ]
Bringing up loopback interface:  [  OK  ]
Bringing up interface eth0:  [  OK  ]

For some reason it disabled ip forwarding. I enabled it again but it would
be nice to make the setting permanent. Also, it doesn't seem like it
restarted eth1. Does that mean that eth1 won't be brought up automatically
if I reboot the redhat box?

Anyway. It finally works perfectly, so thanks a lot for the help! I've
learned quite a bit about linux and routing from this. :D

Rune






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Larry Brown
I'm glad it helped.  Put the ip_forward entry into your rc.local and it will
turn forwarding on when you reboot.  Also, I was doing a little research on
the route entries like the static route we added to your firewall...

route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.10

It turns out that that is not persistent.  When you reboot that box it will
remove the entry.  There are two ways of making it persistent.  The first is
to add the entire line to its rc.local.  The second is to create an
/etc/sysconfig/static-routes which is the better choice.  However, in the
static routes the format is different.  It is run by the script if-up which
is parsed when bringing up a network card.  I'm checking on the exact syntax
now...

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Friday, February 28, 2003 1:44 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Thu, 27 Feb 2003, Larry Brown wrote:

> Oh, I see the redhat box does not have a default gw.  You need to edit
> /etc/sysconfig/network on the redhat box and make sure you have:
>
> GATEWAY=192.168.0.1
>
> And then do a:
>
> service network restart

/etc/sysconfig/network did contain "GATEWAY=192.168.0.1", but when I ran a
service network restart it worked again, so I guess the gateway setting
had been altered for some reason.

Output from service network restart on the redhat box:
Shutting down interface eth0:  [  OK  ]
Shutting down loopback interface:  [  OK  ]
Disabling IPv4 packet forwarding:  [  OK  ]
Setting network parameters:  [  OK  ]
Bringing up loopback interface:  [  OK  ]
Bringing up interface eth0:  [  OK  ]

For some reason it disabled ip forwarding. I enabled it again but it would
be nice to make the setting permanent. Also, it doesn't seem like it
restarted eth1. Does that mean that eth1 won't be brought up automatically
if I reboot the redhat box?

Anyway. It finally works perfectly, so thanks a lot for the help! I've
learned quite a bit about linux and routing from this. :D

Rune






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rodolfo J. Paiz
On Fri, 2003-02-28 at 12:44, Rune Berge wrote:
> For some reason it disabled ip forwarding. I enabled it again but it would
> be nice to make the setting permanent.

I think you change this in /etc/sysconfig/sysctl.conf but I'm not sure.

> Also, it doesn't seem like it restarted eth1. Does that mean that
> eth1 won't be brought up automatically if I reboot the redhat box?

Make sure /etc/sysconfig/network-scripts/ifcfg-eth1 has "ONBOOT=yes"
somewhere in it. Then restart the network to be sure; it should come up
immediately and automatically.

-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]






RE: Connecting two networks through a RedHat box

2003-02-28 Thread Rune Berge

On Thu, 27 Feb 2003, Larry Brown wrote:

> Oh, I see the redhat box does not have a default gw.  You need to edit
> /etc/sysconfig/network on the redhat box and make sure you have:
>
> GATEWAY=192.168.0.1
>
> And then do a:
>
> service network restart

/etc/sysconfig/network did contain "GATEWAY=192.168.0.1", but when I ran a
service network restart it worked again, so I guess the gateway setting
had been altered for some reason.

Output from service network restart on the redhat box:
Shutting down interface eth0:  [  OK  ]
Shutting down loopback interface:  [  OK  ]
Disabling IPv4 packet forwarding:  [  OK  ]
Setting network parameters:  [  OK  ]
Bringing up loopback interface:  [  OK  ]
Bringing up interface eth0:  [  OK  ]

For some reason it disabled ip forwarding. I enabled it again but it would
be nice to make the setting permanent. Also, it doesn't seem like it
restarted eth1. Does that mean that eth1 won't be brought up automatically
if I reboot the redhat box?

Anyway. It finally works perfectly, so thanks a lot for the help! I've
learned quite a bit about linux and routing from this. :D

Rune






RE: Connecting two networks through a RedHat box

2003-02-27 Thread Larry Brown
Oh, I see the redhat box does not have a default gw.  You need to edit
/etc/sysconfig/network on the redhat box and make sure you have:

GATEWAY=192.168.0.1

And then do a:

service network restart



Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Thursday, February 27, 2003 4:55 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Thu, 27 Feb 2003, Larry Brown wrote:

> I just noticed that last line.  Sorry about that.  The problem I can see
> though is that if you are going to use a name for the redhat box on the
> internal network you should probably use a name that is not used on the
> Internet since krokodille.com resolves to an actual web site.  If you ping
> krokodille.com you get a 194.63.248.12 address.

No, I don't because krokodille.com is mapped to 192.168.0.10 in /etc/hosts
on the smoothwall box. It's the only way I've managed to be able to use
the same address both internal and external.

Anyway. I changed the netmask as you said, but I still can't connect to
the internet from the redhat box. I noticed that there isn't an entry for
external addresses in the Redhat Box's routing table. Shouldn't there be
something like that? Could it be that the smoothwall box is no longer the
default gateway for the redhat machine? If so, how do I restore it?

To clarify my situation: The machines on both networks are able to ping
each other without problem. The machines on 192.168.0 (except the redhat
box) are able to connect to the internet, but the machines on 192.168.1
are not.

Info that might be helpful:

Redhat box:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo

# ifconfig eth0
eth0  Link encap:Ethernet  HWaddr 52:54:05:DF:0B:9F
  inet addr:192.168.0.10  Bcast:192.168.0.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:20678 errors:0 dropped:0 overruns:0 frame:0
  TX packets:25394 errors:66 dropped:0 overruns:0 carrier:65
  collisions:1109 txqueuelen:100
  RX bytes:2517686 (2.4 Mb)  TX bytes:4360660 (4.1 Mb)
  Interrupt:10 Base address:0x6400

# ifconfig eth1
eth1  Link encap:Ethernet  HWaddr 00:10:A7:06:52:8B
  inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:21028 errors:0 dropped:0 overruns:0 frame:0
  TX packets:15303 errors:0 dropped:0 overruns:0 carrier:0
  collisions:27 txqueuelen:100
  RX bytes:17008249 (16.2 Mb)  TX bytes:16538978 (15.7 Mb)
  Interrupt:11 Base address:0x8000


Smoothwall:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
80.213.72.0     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     192.168.0.10    255.255.255.0   UG    0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
1.1.1.0         0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         80.213.72.0     0.0.0.0         UG    0      0        0 ppp0

# ifconfig eth0
eth0  Link encap:Ethernet  HWaddr 00:80:AD:91:39:FC
  inet addr:192.168.0.1  Bcast:192.168.255.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:20266 errors:0 dropped:0 overruns:0 frame:0
  TX packets:20657 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:100
  Interrupt:10 Base address:0x6000






RE: Connecting two networks through a RedHat box

2003-02-27 Thread Larry Brown
Yes. To both being 255.255.255.0.  Your routing tables look correct.  All
of the machines that act as routers set their default routes to the router
on the other side of a directly connected subnet.  The machines in the
192.168.1 network should all show their default gateways as 192.168.1.10 (in
your setup).  They send a request to anything other than 192.168.1 to the
redhat box at 192.168.1.10.  Let's say the ip address you are sending to is
24.65.32.12.  The request would be sent to the gw 192.168.1.10 since it is
not on the local net.  The redhat box has the smoothwall as its default
gateway so if the request from the 192.168.1 machine going to 24.65.32.12
would be passed to the gateway for the redhat box (192.168.0.1).  That box
has the ISP DSL/Cable modem/modem or whatever as its gw.  So it would send
the packets for 24.65.32.12 on to it.  The chain keeps working that way
until it gets to a router on the ISP that has specific routes to the network
24.65.32.12 is on.  On the return path the ISP is sending the packets to
the smoothwall box which is masquerading.  It knows to route the response
back to the machine on the 192.168.1 network because of the static route you
added that sends packets destined for that subnet to the RH box
192.168.0.10.  The RH box is directly connected to the 192.168.1 subnet so
it can send the packets directly back to the requesting machine.  I hope
this helps you in the future if I described it well enough.

That is why the redhat routing table shouldn't have any other internet
addresses on it.

  Now for fixing the problem.


You say the redhat box can't surf nor ping an address on the net?  Sounds
like the smoothwall is not passing traffic through.  Check the configuration
to make sure it is configured properly to allow traffic out.  Also make sure
you can ping Internet addresses via name and ip from the smoothwall box
itself.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Thursday, February 27, 2003 4:57 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Thu, 27 Feb 2003, Larry Brown wrote:

> Change the netmask on the redhat box for 192.168.0 to 255.255.255.0.  Right
> now the box will see everything as 192.168 to be coming from the 192.168.0
> side.  By using 255.255.255.0 for both sides it will know that 192.168.0
> goes towards the net and 192.168.1 goes toward the wireless.

So, the network mask on ALL machines on both networks should be
255.255.255.0? Is that correct?

Rune
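
Added example (not part of the original thread): a small Python model of the hop-by-hop lookup described in the message above, run over the two `route -n` tables posted in the thread. The client address 192.168.1.50 and all function names are assumptions made for the illustration.

```python
import ipaddress

# Rows transcribed from the `route -n` output posted in the thread.
REDHAT_ROUTES = """
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
"""
SMOOTHWALL_ROUTES = """
80.213.72.0 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 192.168.0.10 255.255.255.0 UG 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
1.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 80.213.72.0 0.0.0.0 UG 0 0 0 ppp0
"""
# The default route that GATEWAY=192.168.0.1 in /etc/sysconfig/network yields.
REDHAT_DEFAULT = "0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0\n"

# Which router owns which address (from the ifconfig output in the thread).
OWNER = {"192.168.0.10": "redhat", "192.168.1.10": "redhat",
         "192.168.0.1": "smoothwall"}


def parse_route_n(text):
    """Turn `route -n` rows into (network, gateway, iface) tuples."""
    routes = []
    for line in text.strip().splitlines():
        dest, gw, mask, _flags, _metric, _ref, _use, iface = line.split()
        prefix = bin(int(ipaddress.IPv4Address(mask))).count("1")
        routes.append((ipaddress.ip_network(f"{dest}/{prefix}"),
                       ipaddress.ip_address(gw), iface))
    return routes


def lookup(routes, dst):
    """Longest-prefix match; returns (next_hop, iface) or None."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    _net, gw, iface = max(matches, key=lambda r: r[0].prefixlen)
    # Gateway 0.0.0.0 means the destination is on a directly connected net.
    return (str(addr) if int(gw) == 0 else str(gw)), iface


def trace(tables, first_hop, dst, max_hops=8):
    """Follow a packet router by router; return (routers visited, outcome)."""
    visited, hop = [], first_hop
    for _ in range(max_hops):
        name = OWNER[hop]
        visited.append(name)
        result = lookup(tables[name], dst)
        if result is None:
            return visited, "network unreachable"
        hop, iface = result
        if hop == dst:
            return visited, f"delivered on {iface}"
        if hop not in OWNER:
            return visited, f"handed to {hop} on {iface}"
    return visited, "routing loop"


def scenarios():
    client, remote = "192.168.1.50", "24.65.32.12"  # client is constructed
    before = {"redhat": parse_route_n(REDHAT_ROUTES),
              "smoothwall": parse_route_n(SMOOTHWALL_ROUTES)}
    after = dict(before, redhat=parse_route_n(REDHAT_ROUTES + REDHAT_DEFAULT))
    # Smoothwall without the static route to 192.168.1.0/24.
    no_static = dict(after, smoothwall=[
        r for r in after["smoothwall"] if str(r[0]) != "192.168.1.0/24"])
    return {
        # Client sends to its default gateway 192.168.1.10 (the redhat box).
        "outbound, no default gw": trace(before, "192.168.1.10", remote),
        "outbound, GATEWAY set": trace(after, "192.168.1.10", remote),
        # Reply as seen on the smoothwall once masquerading is undone.
        "reply, static route": trace(after, "192.168.0.1", client),
        "reply, no static route": trace(no_static, "192.168.0.1", client),
    }


if __name__ == "__main__":
    for label, (path, outcome) in scenarios().items():
        print(f"{label:26} {' -> '.join(path):22} {outcome}")
```

The first scenario reproduces the symptom in the thread: with the posted Red Hat table, anything outside the two local subnets has no matching route. The last one shows what the static route on the smoothwall is for: without it, replies for 192.168.1.x follow the default route back out ppp0.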





RE: Connecting two networks through a RedHat box

2003-02-27 Thread Rubel, William S. (IA)
Check and see if your NIC is registered with your ISP.  I recently set up a
RH 8.1 box behind a Smoothwall box and I had the same problem.  Basically
nailed it down to my ISP who wouldn't recognize my NIC.

You can check if this is the problem by pinging out of the network because
some ISPs allow ACKs out.


-Original Message-
From: Rune Berge [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 27, 2003 3:55 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box



On Thu, 27 Feb 2003, Larry Brown wrote:

> I just noticed that last line.  Sorry about that.  The problem I can see
> though is that if you are going to use a name for the redhat box on the
> internal network you should probably use a name that is not used on the
> Internet since krokodille.com resolves to an actual web site.  If you ping
> krokodille.com you get a 194.63.248.12 address.

No, I don't because krokodille.com is mapped to 192.168.0.10 in /etc/hosts
on the smoothwall box. It's the only way I've managed to be able to use
the same address both internal and external.

Anyway. I changed the netmask as you said, but I still can't connect to
the internet from the redhat box. I noticed that there isn't an entry for
external addresses in the Redhat Box's routing table. Shouldn't there be
something like that? Could it be that the smoothwall box is no longer the
default gateway for the redhat machine? If so, how do I restore it?

To clarify my situation: The machines on both networks are able to ping
each other without problem. The machines on 192.168.0 (except the redhat
box) are able to connect to the internet, but the machines on 192.168.1
are not.

Info that might be helpful:

Redhat box:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo

# ifconfig eth0
eth0  Link encap:Ethernet  HWaddr 52:54:05:DF:0B:9F
  inet addr:192.168.0.10  Bcast:192.168.0.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:20678 errors:0 dropped:0 overruns:0 frame:0
  TX packets:25394 errors:66 dropped:0 overruns:0 carrier:65
  collisions:1109 txqueuelen:100
  RX bytes:2517686 (2.4 Mb)  TX bytes:4360660 (4.1 Mb)
  Interrupt:10 Base address:0x6400

# ifconfig eth1
eth1  Link encap:Ethernet  HWaddr 00:10:A7:06:52:8B
  inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:21028 errors:0 dropped:0 overruns:0 frame:0
  TX packets:15303 errors:0 dropped:0 overruns:0 carrier:0
  collisions:27 txqueuelen:100
  RX bytes:17008249 (16.2 Mb)  TX bytes:16538978 (15.7 Mb)
  Interrupt:11 Base address:0x8000


Smoothwall:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
80.213.72.0     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     192.168.0.10    255.255.255.0   UG    0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
1.1.1.0         0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         80.213.72.0     0.0.0.0         UG    0      0        0 ppp0

# ifconfig eth0
eth0  Link encap:Ethernet  HWaddr 00:80:AD:91:39:FC
  inet addr:192.168.0.1  Bcast:192.168.255.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:20266 errors:0 dropped:0 overruns:0 frame:0
  TX packets:20657 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:100
  Interrupt:10 Base address:0x6000






RE: Connecting two networks through a RedHat box

2003-02-27 Thread Rune Berge

On Thu, 27 Feb 2003, Larry Brown wrote:

> Change the netmask on the redhat box for 192.168.0 to 255.255.255.0.  Right
> now the box will see everything as 192.168 to be coming from the 192.168.0
> side.  By using 255.255.255.0 for both sides it will know that 192.168.0
> goes towards the net and 192.168.1 goes toward the wireless.

So, the network mask on ALL machines on both networks should be
255.255.255.0? Is that correct?

Rune





RE: Connecting two networks through a RedHat box

2003-02-27 Thread Rune Berge

On Thu, 27 Feb 2003, Larry Brown wrote:

> I just noticed that last line.  Sorry about that.  The problem I can see
> though is that if you are going to use a name for the redhat box on the
> internal network you should probably use a name that is not used on the
> Internet since krokodille.com resolves to an actual web site.  If you ping
> krokodille.com you get a 194.63.248.12 address.

No, I don't because krokodille.com is mapped to 192.168.0.10 in /etc/hosts
on the smoothwall box. It's the only way I've managed to be able to use
the same address both internal and external.

Anyway. I changed the netmask as you said, but I still can't connect to
the internet from the redhat box. I noticed that there isn't an entry for
external addresses in the Redhat Box's routing table. Shouldn't there be
something like that? Could it be that the smoothwall box is no longer the
default gateway for the redhat machine? If so, how do I restore it?

To clarify my situation: The machines on both networks are able to ping
each other without problem. The machines on 192.168.0 (except the redhat
box) are able to connect to the internet, but the machines on 192.168.1
are not.

Info that might be helpful:

Redhat box:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo

# ifconfig eth0
eth0  Link encap:Ethernet  HWaddr 52:54:05:DF:0B:9F
  inet addr:192.168.0.10  Bcast:192.168.0.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:20678 errors:0 dropped:0 overruns:0 frame:0
  TX packets:25394 errors:66 dropped:0 overruns:0 carrier:65
  collisions:1109 txqueuelen:100
  RX bytes:2517686 (2.4 Mb)  TX bytes:4360660 (4.1 Mb)
  Interrupt:10 Base address:0x6400

# ifconfig eth1
eth1  Link encap:Ethernet  HWaddr 00:10:A7:06:52:8B
  inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:21028 errors:0 dropped:0 overruns:0 frame:0
  TX packets:15303 errors:0 dropped:0 overruns:0 carrier:0
  collisions:27 txqueuelen:100
  RX bytes:17008249 (16.2 Mb)  TX bytes:16538978 (15.7 Mb)
  Interrupt:11 Base address:0x8000


Smoothwall:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
80.213.72.0     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     192.168.0.10    255.255.255.0   UG    0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
1.1.1.0         0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         80.213.72.0     0.0.0.0         UG    0      0        0 ppp0

# ifconfig eth0
eth0  Link encap:Ethernet  HWaddr 00:80:AD:91:39:FC
  inet addr:192.168.0.1  Bcast:192.168.255.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:20266 errors:0 dropped:0 overruns:0 frame:0
  TX packets:20657 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:100
  Interrupt:10 Base address:0x6000
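
An added example, not part of the original thread: the two `route -n` tables from the message above, run through a longest-prefix lookup to show why the Red Hat box answers "Network is unreachable" for 194.63.248.12 while the Smoothwall can still reach it. The function names and the ASSUMED_DEFAULT row (a default route via the Smoothwall's eth0 address 192.168.0.1) are assumptions made for illustration.

```python
import ipaddress

# `route -n` rows transcribed from the message above, with the column
# spacing restored (Destination Gateway Genmask Flags Metric Ref Use Iface).
REDHAT_ROUTES = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
"""
SMOOTHWALL_ROUTES = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
80.213.72.0     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     192.168.0.10    255.255.255.0   UG    0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
1.1.1.0         0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         80.213.72.0     0.0.0.0         UG    0      0        0 ppp0
"""
# Constructed row (an assumption, not output from the thread): a default
# route on the Red Hat box pointing at the Smoothwall's eth0 address.
ASSUMED_DEFAULT = "0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0\n"


def parse_routes(text):
    """Turn `route -n` output into route dicts, skipping non-route lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue
        dest, gateway, genmask, flags, metric, _ref, _use, iface = fields
        try:
            network = ipaddress.ip_network(f"{dest}/{genmask}")
        except ValueError:
            continue  # header row, or a hostname where an address is expected
        routes.append({"network": network, "gateway": gateway, "flags": flags,
                       "metric": int(metric), "iface": iface})
    return routes


def lookup(routes, address):
    """Pick the matching route with the longest prefix, then the lowest metric."""
    addr = ipaddress.ip_address(address)
    matches = [r for r in routes if addr in r["network"]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r["network"].prefixlen, -r["metric"]))


def next_hop(routes, address):
    """Describe where a packet for `address` would be sent."""
    route = lookup(routes, address)
    if route is None:
        return "Network is unreachable"  # no matching row and no default route
    if "G" in route["flags"]:
        return f"via {route['gateway']} dev {route['iface']}"
    return f"directly on {route['iface']}"


if __name__ == "__main__":
    tables = (
        ("redhat", parse_routes(REDHAT_ROUTES)),
        ("smoothwall", parse_routes(SMOOTHWALL_ROUTES)),
        ("redhat + assumed default", parse_routes(REDHAT_ROUTES + ASSUMED_DEFAULT)),
    )
    for name, table in tables:
        for dst in ("192.168.1.2", "192.168.0.1", "194.63.248.12"):
            print(f"{name:26} {dst:15} -> {next_hop(table, dst)}")
```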






RE: Connecting two networks through a RedHat box

2003-02-27 Thread Larry Brown
I just noticed that last line.  Sorry about that.  The problem I can see
though is that if you are going to use a name for the redhat box on the
internal network you should probably use a name that is not used on the
Internet since krokodille.com resolves to an actual web site.  If you ping
krokodille.com you get a 194.63.248.12 address.  It might not be a problem
as long as you don't want to hit that site, but to keep things balanced
well, I would use a name that is not used.  Or even use an extension like
krokodille.int for your "int"ernal site.  I don't think there is such a
domain extension in existence and I don't know of any extensions set aside
for this purpose either.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Thursday, February 27, 2003 12:45 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Tue, 25 Feb 2003, Larry Brown wrote:

> echo "1" >/proc/sys/net/ipv4/ip_forward
>
> turns on forwarding.  As for the Smoothwall, I've never used it before.
> From just looking at their site they appear to have built it on RH.  If so
> and you have access to the console, redhat's route on the Smoothwall box
> would be...
>
> route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.100

Thanks for the help. I removed shorewall, and did as you said, and now the
two networks are connected. However, the 192.168.1 network is still unable
to access internet. Even the redhat box, which was able to before, gets a
"connect: Network is unreachable" error when trying to ping an address on
the internet (I've tried pinging IP-addresses, so it's not a DNS problem).

Does anybody know what the problem is? Below are the routing tables for
the two machines.


*Output from route on the redhat box (192.168.0.10/192.168.1.10):
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo

*Output from route on the smoothwall box (192.168.0.1):
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
ti500720a080-l1 *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     krokodille.com  255.255.255.0   UG    0      0        0 eth0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
default         ti500720a080-l1 0.0.0.0         UG    0      0        0 ppp0

(krokodille.com is the redhat box)





RE: Connecting two networks through a RedHat box

2003-02-27 Thread Larry Brown
Now on the smoothwall box do a:

route -n

and send the results.  It should show IP numbers instead of dns names.  I
believe the 192.168.1.0/255.255.255.0 entry is pointing in the wrong
direction but the results from route -n should help verify it.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Thursday, February 27, 2003 12:45 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Tue, 25 Feb 2003, Larry Brown wrote:

> echo "1" >/proc/sys/net/ipv4/ip_forward
>
> turns on forwarding.  As for the Smoothwall, I've never used it before.
> From just looking at their site they appear to have built it on RH.  If so
> and you have access to the console, redhat's route on the Smoothwall box
> would be...
>
> route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.100

Thanks for the help. I removed shorewall, and did as you said, and now the
two networks are connected. However, the 192.168.1 network is still unable
to access internet. Even the redhat box, which was able to before, gets a
"connect: Network is unreachable" error when trying to ping an address on
the internet (I've tried pinging IP-addresses, so it's not a DNS problem).

Does anybody know what the problem is? Below are the routing tables for
the two machines.


*Output from route on the redhat box (192.168.0.10/192.168.1.10):
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo

*Output from route on the smoothwall box (192.168.0.1):
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
ti500720a080-l1 *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     krokodille.com  255.255.255.0   UG    0      0        0 eth0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
default         ti500720a080-l1 0.0.0.0         UG    0      0        0 ppp0

(krokodille.com is the redhat box)





RE: Connecting two networks through a RedHat box

2003-02-27 Thread Larry Brown
Change the netmask on the redhat box for 192.168.0 to 255.255.255.0.  Right
now the box will see everything as 192.168 to be coming from the 192.168.0
side.  By using 255.255.255.0 for both sides it will know that 192.168.0
goes towards the net and 192.168.1 goes toward the wireless.

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Thursday, February 27, 2003 12:45 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Tue, 25 Feb 2003, Larry Brown wrote:

> echo "1" >/proc/sys/net/ipv4/ip_forward
>
> turns on forwarding.  As for the Smoothwall, I've never used it before.
> From just looking at their site they appear to have built it on RH.  If so
> and you have access to the console, redhat's route on the Smoothwall box
> would be...
>
> route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.100

Thanks for the help. I removed shorewall, and did as you said, and now the
two networks are connected. However, the 192.168.1 network is still unable
to access internet. Even the redhat box, which was able to before, gets a
"connect: Network is unreachable" error when trying to ping an address on
the internet (I've tried pinging IP-addresses, so it's not a DNS problem).

Does anybody know what the problem is? Below are the routing tables for
the two machines.


*Output from route on the redhat box (192.168.0.10/192.168.1.10):
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo

*Output from route on the smoothwall box (192.168.0.1):
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
ti500720a080-l1 *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     krokodille.com  255.255.255.0   UG    0      0        0 eth0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
default         ti500720a080-l1 0.0.0.0         UG    0      0        0 ppp0

(krokodille.com is the redhat box)





RE: Connecting two networks through a RedHat box

2003-02-27 Thread Rune Berge

On Tue, 25 Feb 2003, Larry Brown wrote:

> echo "1" >/proc/sys/net/ipv4/ip_forward
>
> turns on forwarding.  As for the Smoothwall, I've never used it before.
> From just looking at their site they appear to have built it on RH.  If so
> and you have access to the console, redhat's route on the Smoothwall box
> would be...
>
> route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.100

Thanks for the help. I removed shorewall, and did as you said, and now the
two networks are connected. However, the 192.168.1 network is still unable
to access internet. Even the redhat box, which was able to before, gets a
"connect: Network is unreachable" error when trying to ping an address on
the internet (I've tried pinging IP-addresses, so it's not a DNS problem).

Does anybody know what the problem is? Below are the routing tables for
the two machines.


*Output from route on the redhat box (192.168.0.10/192.168.1.10):
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo

*Output from route on the smoothwall box (192.168.0.1):
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
ti500720a080-l1 *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     krokodille.com  255.255.255.0   UG    0      0        0 eth0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
default         ti500720a080-l1 0.0.0.0         UG    0      0        0 ppp0

(krokodille.com is the redhat box)





Re: Connecting two networks through a RedHat box

2003-02-25 Thread Rodolfo J. Paiz
On Tue, 2003-02-25 at 08:28, Rune Berge wrote:
> > > Network layout:
> > > ADSL -- Smoothwall box --(LAN)-- Redhat server -- Wireless GW
> >
> > It'll still work. 
> 
> Good. A couple of questions. What IP address should I use on the RH
> server's second NIC? The same as on eth0 (192.168.0.10), or something else
> (like 192.168.1.10)?

IP addresses don't belong to computers, they belong to network
interfaces. So no, you will never use the same exact IP address twice.

I note that you are not quite using the same IP address, but rather the
same final octet (x.x.x.10) on different subnets. If that is what you
meant, then you are free to do that or to do it entirely differently.

Overall, this is what I would do IF I FOUND IT ACCEPTABLE FOR MY
NEIGHBOR TO BE PART OF MY NETWORK AND ACCESS MY MACHINES:

1. Setup your eth1 (to your neighbor's house) as 192.168.1.1. From
habit, I use the "1" on small networks always as the gateway to the
outside, and as far as your neighbor is concerned that is his gateway.

2. Setup dhcp to answer only on eth1 (in /etc/sysconfig/dhcp change the
line to DHCPARGS="eth1"), ensuring that dhcp will only serve addresses on
that interface.

3. Of course, configure dhcp.conf properly (easy).

4. Tell Shorewall (using the /etc/shorewall/masq file) that the whole
subnet on eth1 will be masqueraded and go out to the world through eth0.
This will allow him access to your network and the world.

5. Make sure the "rfc1918" keyword IS NOT SET on either interface,
since that would automatically block all private addresses (which you
are using). Alternately, modify /etc/shorewall/rfc1918 to tell Shorewall
which private addresses you use so it accepts them.

6. Don't forget to restart dhcp and shorewall so they reload and
activate their new configurations.

Unless I've forgotten something, this should be it and you should be up
and about in around five minutes.

Every file in /etc/shorewall is self-documenting and very easy to use.
However, PLEASE DO READ the Quickstart documentation on the
www.shorewall.net site so you understand how Shorewall thinks. Ten
minutes of reading and you'll have no trouble at all.

> That's correct. AFAIK Smoothwall doesn't support multiple "green"
> interfaces, and I _really_ don't want to mess with the Smoothwall config
> files manually.  I realise that it would probably work if I simply put the
> GW on the Smoothwall's DMZ (which I don't use now), but I would like a
> more flexible solution.

My "more flexible solution" is an RH8 box that I've savagely cut down to
the bare minimum of anything at all, running three NICs and Shorewall
along with the following services:

 o dhcp (on internal net only)
 o named (on internal net only)
 o squid (on internal net only)
 o ntpd (on all interfaces)
 o openssh (on all interfaces, using keys not passwords)
 o [EMAIL PROTECTED] 

This box provides all basic network services and, if hacked, will only
require me to reinstall via kickstart and restore six or seven config
files... take all of 10 minutes. Runs on a P166, 64MB, 1GB, with about 8
months of uptime now. :-)

-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]






RE: Connecting two networks through a RedHat box

2003-02-25 Thread Larry Brown
echo "1" >/proc/sys/net/ipv4/ip_forward

turns on forwarding.  As for the Smoothwall, I've never used it before.
From just looking at their site they appear to have built it on RH.  If so
and you have access to the console, redhat's route on the Smoothwall box
would be...

route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.100



Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Rune Berge
Sent: Tuesday, February 25, 2003 1:58 PM
To: [EMAIL PROTECTED]
Subject: RE: Connecting two networks through a RedHat box


On Tue, 25 Feb 2003, Larry Brown wrote:

> ADSL               Smoothwall                     RedHat Box                    Wireless Node
> 123.123.123.123 -- 123.123.123.122_192.168.0.1 -- 192.168.0.100_192.168.1.1 --- 192.168.1.2
>                    GW 123.123.123.123             GW 192.168.0.1                GW 192.168.1.1
>
> Make sure the RedHat box has IP forwarding enabled.  You also need to make
> sure that the Smoothwall box is aware of the 192.168.1 subnet and that it is
> routed through the redhat box.  If that presents a problem you can always
> use iptables to masquerade the 192.168.1 network.

Could someone give some more specific information about how to do this?
How do I enable IP forwarding on the RedHat box? And how do I make the
Smoothwall box aware of the 192.168.1 subnet?

Thanks,
Rune






RE: Connecting two networks through a RedHat box

2003-02-25 Thread Rune Berge

On Tue, 25 Feb 2003, Larry Brown wrote:

> ADSL               Smoothwall                     RedHat Box                    Wireless Node
> 123.123.123.123 -- 123.123.123.122_192.168.0.1 -- 192.168.0.100_192.168.1.1 --- 192.168.1.2
>                    GW 123.123.123.123             GW 192.168.0.1                GW 192.168.1.1
>
> Make sure the RedHat box has IP forwarding enabled.  You also need to make
> sure that the Smoothwall box is aware of the 192.168.1 subnet and that it is
> routed through the redhat box.  If that presents a problem you can always
> use iptables to masquerade the 192.168.1 network.

Could someone give some more specific information about how to do this?
How do I enable IP forwarding on the RedHat box? And how do I make the
Smoothwall box aware of the 192.168.1 subnet?

Thanks,
Rune






RE: Connecting two networks through a RedHat box

2003-02-25 Thread Larry Brown
ADSL               Smoothwall                     RedHat Box                    Wireless Node
123.123.123.123 -- 123.123.123.122_192.168.0.1 -- 192.168.0.100_192.168.1.1 --- 192.168.1.2
                   GW 123.123.123.123             GW 192.168.0.1                GW 192.168.1.1

Make sure the RedHat box has IP forwarding enabled.  You also need to make
sure that the Smoothwall box is aware of the 192.168.1 subnet and that it is
routed through the redhat box.  If that presents a problem you can always
use iptables to masquerade the 192.168.1 network.  In that case the
Smoothwall will see all requests from all machines on the 192.168.1 network
as coming from the 192.168.0.100 address directly.  (as if it is making the
requests)  That presents a problem for logging in which the Smoothwall will
not be able to differentiate which user on the wireless system is making the
request.  (depending on how the wireless device works that may not be possible
anyway)

Larry S. Brown
Dimension Networks, Inc.
(727) 723-8388








Re: Connecting two networks through a RedHat box

2003-02-25 Thread Rune Berge

On 24 Feb 2003, Rodolfo J. Paiz wrote:

> On Mon, 2003-02-24 at 18:05, Rune Berge wrote:
> > I didn't say that I only have two network connections, I just said that I
> > want to connect two of them through my Redhat server. My home network and
> > my internet connection are connected through another machine running
> > Smoothwall.
> >
> > Network layout:
> > ADSL -- Smoothwall box --(LAN)-- Redhat server -- Wireless GW
>
> It'll still work. 

Good. A couple of questions. What IP address should I use on the RH
server's second NIC? The same as on eth0 (192.168.0.10), or something else
(like 192.168.1.10)?

> By the way, it seems obvious to think of connecting the Wireless GW to
> the Smoothwall box as a third interface, so I suppose that's already
> been thought of and discarded as a valid option?

That's correct. AFAIK Smoothwall doesn't support multiple "green"
interfaces, and I _really_ don't want to mess with the Smoothwall config
files manually.  I realise that it would probably work if I simply put the
GW on the Smoothwall's DMZ (which I don't use now), but I would like a
more flexible solution.

Rune





Re: Connecting two networks through a RedHat box

2003-02-24 Thread Rodolfo J. Paiz
On Mon, 2003-02-24 at 18:05, Rune Berge wrote:
> I didn't say that I only have two network connections, I just said that I
> want to connect two of them through my Redhat server. My home network and
> my internet connection are connected through another machine running
> Smoothwall.
> 
> Network layout:
> ADSL -- Smoothwall box --(LAN)-- Redhat server -- Wireless GW

It'll still work. 

By the way, it seems obvious to think of connecting the Wireless GW to
the Smoothwall box as a third interface, so I suppose that's already
been thought of and discarded as a valid option?

-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]






Re: Connecting two networks through a RedHat box

2003-02-24 Thread Rune Berge

On 24 Feb 2003, Rodolfo J. Paiz wrote:

> On Mon, 2003-02-24 at 17:25, Rune Berge wrote:
> >
> My best advice for the simple route to success: download Shorewall at
> http://www.shorewall.net and use your RH8 box as a gateway. Really, it
> sounds like you have three network connections and not two:
>
>  1. Your Internet connection
>  2. Your home network
>  3. Your neighbor's wireless gateway

Thanks for the tip. I'll look into Shorewall.

I didn't say that I only have two network connections, I just said that I
want to connect two of them through my Redhat server. My home network and
my internet connection are connected through another machine running
Smoothwall.

Network layout:
ADSL -- Smoothwall box --(LAN)-- Redhat server -- Wireless GW


Rune





Re: Connecting two networks through a RedHat box

2003-02-24 Thread Rodolfo J. Paiz
On Mon, 2003-02-24 at 17:25, Rune Berge wrote:
> 
> I have a BNC network at home, and my neighbour wants to connect to it with
> a wireless gateway and share my Internet connection. So I figured I could
> insert a second NIC in my Redhat 8 server, and connect that to the
> wireless network. Would that work? If so, how do I do it?
> 
> I'm not a very experienced linux user, so solutions not involving
> recompiling the kernel are much preferred...

Yes, it's possible. And no, kernel recompilation is not required.

My best advice for the simple route to success: download Shorewall at
http://www.shorewall.net and use your RH8 box as a gateway. Really, it
sounds like you have three network connections and not two:

 1. Your Internet connection
 2. Your home network
 3. Your neighbor's wireless gateway

If you want to go the extra mile, you can also use DHCP to assign his
machines addresses on a different subnet (e.g. assign yourself
192.168.0.x and him 192.168.1.x) and set up routing such that he can
access the Internet but is firewalled from your network. This is easy
with Shorewall and dhcp.

Note that there are plenty of other tools that do this. Shorewall just
happens to be the only one I know and use, and which has worked
flawlessly and easily for me. YMMV.

-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]



