CentOS 5 Networking :: Use Webmin To Set Up Port Forwarding/NAT On A Dual-NIC Centos 5.3 Box?
Aug 31, 2009
Can anyone here point me to a walk-through or discussion of how to use Webmin to set up port forwarding/NAT on a dual-NIC Centos 5.3 box? The layout will be simple:
Internet --- NIC1 [CentOS Box] NIC2 --- Switch to other PCs
We have a BUNCH of exposed services that are on special ports -- for example, to connect to one machine, you go in with [IP_Address]:12000, and to connect to another, [IP_Address]:12002, etc., etc. We're currently using OpenSuse 10.3 on this box, and YaST makes this criminally easy (you give it the incoming port number and the destination IP/port numbers and it just works). But OpenSuse 10.3 is nearing EOL, we're buying a new machine, and I'd like to use CentOS on the new one.
I've read the sparse Webmin documentation in their Wiki, and it leads one to believe that you simply insert a "NAT" rule. But there's obviously something they're leaving out. I *am* opening the ports in the firewall. But when I log in to [IP_Address]:port, it just times out. The port forwarding never occurs. The test in this case is SSH, and I know that SSHD is working properly because I can log into that machine just fine from another PC on the same internal subnet.
I have just set up shorewall on my router running Arch Linux. The external network is on eth0 and the internal network on eth1.I have set it up for masquerading and that works fine and I can open ports to the firewall. But I'm having trouble with port forwarding to my internal machines.The problem I have is that when port 22350 is forwarded to 192.168.1.3 on my local network, checking the port with nmap from a remote computer gives me:
i am not able to port 8080 on my CentOS VPS server.I have followed all the instuctions as mentioned on iptables wiki page.Also I am able to telnet my ip address and port number, But can not access from browser.
I'm trying to set up my CentOS 5 box as a gateway for my home network.I've set up dhcp on my internet interface (eth0) and dhcpd on my LAN interface (eth1).I can browse the internet from my CentOS 5 box.I can ping the CentOS 5 box from my LAN.However, I can't browse the internet from my LAN.I've enabled IP forwarding in /etc/sysctl.conf and I've disabled my firewall. I've saved these changes and rebooted. Again, no internet browsing from my LAN.
I am setting up a new server with 2 nics installed. Nic0 goes to the firewall and nic1 goes to the internal engineering network.
Problem is Ip forwarding is not working!
Particulars: Server Name - slick Firewall Name - gateone engineering node - crooked
Routing on slick:
From crooked ( which is inside the server (slick) with an ip address of xx.xx.221.249 the only way I can ping or anything outside of the firewall ( gateone) is to turn on IPtables with this configuration:
I don't want to use IPtables. I need the ip forwarding to work.
I have a mail server on which I would like to block port 25 on my eth0 for everyone except our external spam filter. the problem is that I want our users to be able to connect via port 10025 which is forwarded to port 25, which then is blocked...
what should I add/change to set up port forwarding of port 1000 to ip 192.168.1.200. also how to get the answer sent by 192.168.1.200 follow the same route used by the data received through port forwarding.
i am forwarding HTTP request to a internal server, it is quiet successful but access logs donot show the ip of the external m/c. Rather it shows the ip of the machine on which i have enabled port forwarding.
I have debian sarge.howto forward IP traffic from port 3128 on the local machine to the remote maschine port 3128 ?I mean if I try telnet localhost 3128, should be forwarded automatically to the remote machine
I have two PC's, one with slackware and one with arch, and I am trying to access the web server from the archlinux machine but i haven't manage to do that. The archlinux machine is connect to the internet via the slackware machine via a crossover cable: internet > eth0 (pc1) and ppp0 (the PPPoE connection, pc1) > eth1 (pc1) > eth0 (pc2)
I've setup dynamic port forwarding using Putty, SSH and Firefox.All works well when visiting normal websites (servers listening at port 80). But why can't I visit https websites?Nothing seems to be happening when I visit those.
I have a CentOS box which is Internet Facing. It has 3 LAN's connected to it which are for virtual machines.
I want to port forward port 445 to a machine on one of the LAN interfaces. I have tried various ways to get it done, but still cannot access that port from the interface. I definately know device hosting port 445 is live, as I can ping it from the CentOS box and use lynx to access it! (It's a web server)
I have a server running debian squeeze and kvm to virtualize a Windoze box. It's setup to use NAT. This is because of limits on the network by the admin and unfortunately, there isn't a way to get around this.
We have one linux machine in the office which happens to be an important firewall. I just know the basics and need to make one changeEssentially it is forward mysql traffic to another internal machine.This is the original rule (forward to 184.108.40.206) which is working
I have a ubuntu 9.10 on my desktop in my office and I have another ubuntu on my home desktop. Both machines are behind a router. I guess many people have already asked the same question: how to remote control the office desktop from my home desktop?Many posts discussed about solving this by setting up ssh and port forwarding. But my situation is that I cannot control the router in my office so I cannot set up any port forwarding for my office desktop. So I guess my question becomes how to remote control my office desktop without setting up any port forwarding on the office router.
I currently use a commercial VPN when working overseas for secure internet access.
I now also need to VNC to a home ubuntu desktop (which runs software 24/7 that I need to periodically check).
When overseas, I use a Ubuntu laptop and an Android tablet.
For the VNC I intend to use an SSH tunnel. So my question is: should I ALSO set up openVPN on the home computer (so I can stop paying for a commercial provider which routes all my traffic twice across the Atlantic...) or is it easier/better to use the SSH tunnel for the secure webbrowsing too? Something like a SOCKS proxy?
I've used iptables since it replace ipchains, and I've never had a problem like this.The problem is, as you can see by the title, that port forwarding simply does not work.
network topology: Slackware Linux Server: eth0 - LAN (192.168.0.0/25) eth1 - DSL Static IP eth2 - cable Static IP
eth1 is our standard office connection; it handles all of our default traffic (web browsing for the staff, email, etc). eth2 is our VPN connection, as well as use for all incoming connections (www, etc). Behind the linux box I have a series of Windows Server 2008 R2 boxes that are used to run our office software, website, etc - I don't care how nice they make their products these days, I simply don't trust any MS box open to the net. Therefore, this leaves me with having to port forward port 80 from eth2 to the internal IP address of the web server.
My ruleset is as follows:
$WWW - ip address of the web server iptables -A FORWARD -d $WWW -p tcp --dport 80 -j ACCEPT iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j DNAT --to $WWW
Running ip route shows that I have routing entries for all 3 networks, and I can ping, ssh, etc to any of the addresses without issue. OpenVPN connects across eth2 as well, and all 15 of my VPN tunnels work fine. However - and here's the kicker - if I delete the default route and replace it with the route for eth2, port forwarding works fine.
I have a question about port forwarding. I have an internal Red Hat server and I would like to use it as a central connection point to some back end servers. This is not an internet router setup. I was thinking I could use iptables and do port forwarding similar to an internet router but internal to internal. Basically I would like to take any connections to port 22 on server1 interface eth0 and forward them out of interface eth1 to server2 port 22.I am finding a lot of information on port forwarding, but it is all based on using an internet router that is passing through to an internal server. I need to know how to configure a basic linux setup with no existing iptables entries so that I can do this within an existing network.Also, if there is a better or easier approach I would appreciate any direction. I don't want to do this through an SSH tunnel.I know to start I need the following to enable forwarding in the kernel and a firewall PREROUTING rule.
Is it possible to forward a connection to a port to a completely unrelated external address? For example, I want to redirect ssh traffic to a.b.c.d to w.x.y.z. If w.x.y.z were an internal address and the machine was the router, this would just be plain old NAT port forwarding. But what if w.x.y.z is not an internal address? The reason I want to do this is I want to reassign a domain name example.com from ip address A to B, while allowing users to still ssh into A by using the [URL] domain name. Is this unreasonable? (I am guessing it is unreasonable, since the A wouldn't have it's gateway set to B, as is the case if A were in B's NAT'd internal network.)
I have a script to establish a reverse tunnel with other machine,My problem is to stop the tunnel. If I just kill the PID at sshtunnel.pids, ssh does not release the ports at the server side, so any new connection will fail for several minutes.Is there any way to signal SSH to exit gracefully?
I have logged into my router and set up port-forwarding on port 22. I can log into the machine fine from a machine on the local network using the machines internal IP but when I try to log on from a remote machine using my router's external IP or my DyDNS host-name I get a message saying "connection refused" or "connection timed out." I have configured port-forwarding on the router and the firewall rules says that port 22 is open but when I nmap my routers external ip it says that only port 23 and 80 are open. I am very new to linux and networking.
I don't understand the concept of ssh port forwarding and tunneling.I was going to set up a remote desktop (vnc) connection to my grandmother's laptop that we'll give her soon so if something goes wrong i can fix it from here (she lives on the other side of the world). However, i've read using vnc plain over the internet isn't secure, and that i can secure it by running it through an ssh tunnel.That's what i've understood so far. However, from there on i get confused.
I'd have to run both an ssh server AND a vnc server on her laptop? So what i'd have to do is ssh into her computer, and then while logged on on her computer, somehow open a vnc connection back from the remote server to the local computer? Then i'd go back to my local computer and open a port where the vnc connection is waiting? From the concept, it would seem like i should be able to tunnel all the regular network traffic from the local computer to the remote one through ssh?
would it be possible for anyone to give me step-by-step instructions on how to set up port forwarding on my laptop? I've been using Karmic Koala and just upgraded to Lucid Lynx and not really bothered to port-forward before, so not too sure where to start - googling gives me a lot of terms I don't understand.
I am running Fedora Core 10 and KDE 4.2.1. My KTorrent is having trouble finding online peers lately. I suspect this is a port forwarding issue. I have set up my router to forward port 4444 (UDP) and port 56000 and more (TCP) to my machine's IP address. I have also set my local firewall (system-config-firewall) to allow these ports through.But when I try to test ports 4444 and 56000 via this Open Port Check Tool, it tells me they are closed