Re: set up NAT (network address translation) on local server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



--- On Wed, 11/19/08, Craig White <craigwhite@xxxxxxxxxxx> wrote:

> From: Craig White <craigwhite@xxxxxxxxxxx>
> Subject: Re: set up NAT (network address translation) on local server
> To: olivares14031@xxxxxxxxx, "Community assistance, encouragement, and advice for using Fedora." <fedora-list@xxxxxxxxxx>
> Date: Wednesday, November 19, 2008, 2:20 PM
> On Wed, 2008-11-19 at 13:09 -0800, Antonio Olivares wrote:
> > --- On Wed, 11/19/08, Antonio Olivares
> <olivares14031@xxxxxxxxx> wrote:
> > 
> > > From: Antonio Olivares
> <olivares14031@xxxxxxxxx>
> > > Subject: set up NAT (network address translation)
> on local server
> > > To: fedora-list@xxxxxxxxxx
> > > Date: Wednesday, November 19, 2008, 12:59 PM
> > > Dear all,
> > > 
> > > Starting new thread to clear up the other one:
> > > Re: Make a DHCP server using Fedora - Help
> > > 
> > > After going through the steps outlined and the
> guidance
> > > provided by great individuals that participate in
> this list
> > > :)
> > > 
> > > /* Done now added eth1 to DHCPARGS */ 
> > > [olivares@localhost ~]$ cat /etc/sysconfig/dhcpd
> > > DHCPDARGS=eth1
> > > 
> > > 
> > > I need a little bit of help in setting up NAT.  I
> can use
> > > the system-config-firewall or I can try using
> webmin or from
> > > command line, I feel I can achieve the goal.
> > > 
> > > How should I begin?
> > > 
> > > I had done this before, but because of other
> problems
> > > between the devices and my errors, it did not
> work :(
> > > 
> > > # Forward all packets from eth1 (internal
> network) to eth0
> > > (the public internet)
> > > iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
> > > # Forward packets that are part of existing and
> related
> > > connections from eth0 to eth1
> > > iptables -A FORWARD -i eth0 -o eth1 -m state
> --state
> > > ESTABLISHED,RELATED -j ACCEPT
> > > # Enable SNAT functionality on eth0. a.b.c.d are
> generally
> > > the ip of the eth0
> > > iptables -A POSTROUTING -t nat -s 192.168.1.0/24
> -o eth0 -j
> > > SNAT --to-source a
> > > 
> > > Thank you for helping,
> > > 
> > > Regards,
> > > 
> > > Antonio 
> > > 
> > > 
> > >       
> > > 
> > > -- 
> > Sorry to reply to my own thread, but some might ask if
> I did the following and here's what I have done.  
> > 
> > Did this part : 
> > 
> > [olivares@localhost ~]$ su -                    
> > Password:                                       
> > [root@localhost ~]# service dhcpd restart       
> > Starting dhcpd:                                       
>     [  OK  ]
> > [root@localhost ~]# tail -f /var/log/messages         
>             
> > Nov 19 15:00:02 localhost dhcpd: Copyright 2004-2007
> Internet Systems Consortium.                                
>                                               
> > Nov 19 15:00:02 localhost dhcpd: All rights reserved. 
>                          
> > Nov 19 15:00:02 localhost dhcpd: For info, please
> visit http://www.isc.org/sw/dhcp/                           
>                                                  
> > Nov 19 15:00:02 localhost dhcpd: Not searching LDAP
> since ldap-server, ldap-port and ldap-base-dn were not
> specified in the config file                         
> > Nov 19 15:00:02 localhost dhcpd: Wrote 2 leases to
> leases file.                 
> > Nov 19 15:00:02 localhost dhcpd: Listening on
> LPF/eth1/00:60:97:c5:2a:c3/192.168.0.0/24                   
>                                                      
> > Nov 19 15:00:02 localhost dhcpd: Sending on  
> LPF/eth1/00:60:97:c5:2a:c3/192.168.0.0/24                   
>                                                      
> > Nov 19 15:00:02 localhost dhcpd: Sending on  
> Socket/fallback/fallback-net      
> > Nov 19 15:00:06 localhost dhcpd: DHCPREQUEST for
> 192.168.0.3 from 00:11:2f:35:88:2e via eth1                 
>                                                   
> > Nov 19 15:00:06 localhost dhcpd: DHCPACK on
> 192.168.0.3 to 00:11:2f:35:88:2e via eth1                   
>                                                        
> > Nov 19 15:00:22 localhost dhcpd: DHCPDISCOVER from
> 00:d0:b7:c1:09:58 via eth1   
> > Nov 19 15:00:23 localhost dhcpd: DHCPOFFER on
> 192.168.0.2 to 00:d0:b7:c1:09:58 (6355-hthhzebqqx) via eth1 
>                                                      
> > Nov 19 15:00:23 localhost dhcpd: DHCPREQUEST for
> 192.168.0.2 (192.168.0.1) from 00:d0:b7:c1:09:58
> (6355-hthhzebqqx) via eth1                                  
>  
> > Nov 19 15:00:23 localhost dhcpd: DHCPACK on
> 192.168.0.2 to 00:d0:b7:c1:09:58 (6355-hthhzebqqx) via eth1 
>                                                        
> > Nov 19 15:00:33 localhost dhcpd: DHCPINFORM from
> 192.168.0.2 via eth1           
> > Nov 19 15:00:33 localhost dhcpd: DHCPACK to
> 192.168.0.2 (00:d0:b7:c1:09:58) via eth1                    
>                                                        
> > Nov 19 15:00:37 localhost dhcpd: DHCPINFORM from
> 192.168.0.2 via eth1           
> > Nov 19 15:00:37 localhost dhcpd: DHCPACK to
> 192.168.0.2 (00:d0:b7:c1:09:58) via eth1                
> > 
> > >From one of the machines I get :
> > 
> > [olivares@localhost ~]$ cat /media/STAPLES\
> UFD/computer1.txt 
> > 
> > Windows 2000 IP Configuration
> > 
> >         Host Name . . . . . . . . . . . . :
> 6355-hthhzebqqx
> >         Primary DNS Suffix  . . . . . . . :           
>     
> >         Node Type . . . . . . . . . . . . : Hybrid    
>     
> >         IP Routing Enabled. . . . . . . . : No        
>     
> >         WINS Proxy Enabled. . . . . . . . : No        
>     
> > 
> > Ethernet adapter Local Area Connection:
> > 
> >         Connection-specific DNS Suffix  . :
> >         Description . . . . . . . . . . . : Intel(R)
> 82559 Fast Ethernet LAN onMotherboard
> >         Physical Address. . . . . . . . . :
> 00-D0-B7-C1-09-58
> >         DHCP Enabled. . . . . . . . . . . : Yes
> >         Autoconfiguration Enabled . . . . : Yes
> >         IP Address. . . . . . . . . . . . :
> 192.168.0.2
> >         Subnet Mask . . . . . . . . . . . :
> 255.255.255.0
> >         Default Gateway . . . . . . . . . :
> 192.168.0.1
> >         DHCP Server . . . . . . . . . . . :
> 192.168.0.1
> >         DNS Servers . . . . . . . . . . . :
> 10.154.16.130
> >                                             10.128.0.4
> >         Lease Obtained. . . . . . . . . . : Wednesday,
> November 19, 2008 2:57:58 PM
> >         Lease Expires . . . . . . . . . . : Wednesday,
> November 19, 2008 8:57:58 PM
> > [olivares@localhost ~]$
> > 
> > DNS appear to be correct, but I cannot browse.  I am
> almost there.  Just a little thing here or there and it will
> be done :)
> ----
> eliminate DNS from the equation for the time being because
> I think your
> problem is routing still...
> 
> # host www.yahoo.com
> www.yahoo.com is an alias for www.wa1.b.yahoo.com.
> www.wa1.b.yahoo.com is an alias for
> www-real.wa1.b.yahoo.com.
> www-real.wa1.b.yahoo.com has address 209.131.36.158
> 
> So on one of your workstations, try
> 
> ping 209.131.36.158
> ping www.yahoo.com
> 
> If only the 209.131.36.158 succeeds, your problem is DNS.
> If both fail,
> your problem is routing (probably something in your
> IPTABLES setup on
> your system doing the forwarding/routing).
> 
> Craig

Here is what happens :

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\6355-win2000>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : 6355-hthhzebqqx
        Primary DNS Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) 82559 Fast Ethernet LAN on
Motherboard
        Physical Address. . . . . . . . . : 00-D0-B7-C1-09-58
        DHCP Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.0.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.1
        DHCP Server . . . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 10.154.16.130
                                            10.128.0.4
        Lease Obtained. . . . . . . . . . : Wednesday, November 19, 2008 5:03:54
 PM
        Lease Expires . . . . . . . . . . : Wednesday, November 19, 2008 11:03:5
4 PM



C:\Documents and Settings\6355-win2000>ping 209.131.36.158

Pinging 209.131.36.158 with 32 bytes of data:

Reply from 192.168.0.1: Destination host unreachable.
Reply from 192.168.0.1: Destination host unreachable.
Reply from 192.168.0.1: Destination host unreachable.
Reply from 192.168.0.1: Destination host unreachable.

Ping statistics for 209.131.36.158:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  0ms, Average =  0ms

C:\Documents and Settings\6355-win2000>ping www.yahoo.com
Unknown host www.yahoo.com.

C:\Documents and Settings\6355-win2000>



The problem is still at routing then :(

Thanks for helping.  Which rules should I try out?

Regards,

Antonio 


      

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux