Networking :: IP Forwarding To Another Network?
Apr 5, 2011
I'm facing a challenge in setting up a simple routing between 2 networks. The situation is as follows.We're using 2 networks, 1 that handles all the office traffic and 1 that is used for storage traffic to the NAS. I'm trying to setup a simple router that will forward requests from the office LAN to the storage one, so people can access the NAS interface on the storage LAN.
So, I have a CentOS 5.5 box, connected to both networks that should handle this job. The office LAN is 172.29.38.0/24 and the storage LAN 10.1.2.0/24. IP adrresses of the linux box are 172.29.38.98 (eth0) and 10.1.2.98 (eth1).First I started by enabling IP-forwarding in the kernel:
Code:
# cat /proc/sys/net/ipv4/ip_forward
Below is a copy of the iptables in use:
Code:
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
[code]....
It just never seems to get to the machine on the other side. I've verified that I can access both networks from the router and I can ping the router from my client.
View 11 Replies
ADVERTISEMENT
Feb 26, 2010
I have a question about port forwarding. I have an internal Red Hat server and I would like to use it as a central connection point to some back end servers. This is not an internet router setup. I was thinking I could use iptables and do port forwarding similar to an internet router but internal to internal.
Basically I would like to take any connections to port 22 on server1 interface eth0 and forward them out of interface eth1 to server2 port 22.I am finding a lot of information on port forwarding, but it is all based on using an internet router that is passing through to an internal server. I need to know how to configure a basic linux setup with no existing iptables entries so that I can do this within an existing network.Also, if there is a better or easier approach I would appreciate any direction. I don't want to do this through an SSH tunnel.I know to start I need the following to enable forwarding in the kernel and a firewall PREROUTING rule.
View 5 Replies
View Related
Apr 9, 2010
I have an internal network behind a server <10.0.0.1> connected to the internet that NATs my ip <10.17.11.88> only. NAT is not allowed to any other ip addresses. When I use Transmission Bittorrent client to download torrents, The thing is that this 10.20.0.244 is not my machine and doesn't have access to the internet at all. What is happening here? Can anyone help me?
View 8 Replies
View Related
Feb 7, 2010
I am setting up Apache (Fedora 12) inside my home network. From inside my home network I access it without any problem. I need to set it up to access it from internet. I have the following questions. Here is temporary setup for testing purpose.
Internet-->ADSL modem (SEIMENS Speed Stream 4200)---> Apache (Fedora 12)
1. Do I have to do any kind of ports forwarding on ADSL modem. (There is no option to do port forwarding on Modem) May be I need different Model of Modem??
2. I tired to Ping my real IP for modem form another computer from internet. I am even unable to PING the ADSL 's real IP. Why it is that?
View 6 Replies
View Related
Nov 30, 2009
I have recently installed Centos 5.4 on a server with 3 network cards. I am trying to enable IP forwarding which has been successful by executing the following command:
echo 1 > /proc/sys/net/ipv4/ip_forward
I tried to make this permanent by adding net.ipv4.conf.default.forwarding=1 to the /etc/sysctl.conf file.
When I restart the network service I get the following code...
View 2 Replies
View Related
Dec 12, 2009
I have just set up shorewall on my router running Arch Linux. The external network is on eth0 and the internal network on eth1.I have set it up for masquerading and that works fine and I can open ports to the firewall. But I'm having trouble with port forwarding to my internal machines.The problem I have is that when port 22350 is forwarded to 192.168.1.3 on my local network, checking the port with nmap from a remote computer gives me:
Code:
PORT STATE SERVICE
22350/tcp closed unknown
[code]....
View 2 Replies
View Related
Apr 21, 2011
I was setting up a new 11.4 system and disabled ip6 as we don't use it. After that I couldn't get X11 forwarding working. After searching around for a while, I found this topic [URL] ssh-x11-forwarding.html which at the end mentions enabling ip6. Magically, after doing that and rebooting I can now do X11 forwarding again. Just seems strange that IP6 is needed for X11 forwarding.
View 1 Replies
View Related
Jan 12, 2010
Ethernet configuration:
- eth0 private net
- eth1 internet
eth1 is connected to a cable modem and uses dhcp. After migrating to suse-11.2 ip-forwarding (once the system is up and running) is sometimes deactivated and i have no clue why. /etc/syslog.conf has an entry net.ipv4.ip_forwarding = 1
i have modified the SuSE-scripts /sbin/SuSEfirewall /sbin/ifup-dhcp /etc/init.d/SuSEfirewall2_setup to make sure each time my firewall-rules are loaded ip-forwarding is explicitly enabled. This worked perfectly with suse-11.0. Now ip-forwarding is enabled after a system reboot or after one of the above scripts is called, but somewhere somehow ip-forwarding is always deactivated and i have no idea how this happens. This may happen after 5 minutes or after 5 hours. As a workaround i created a cronjob running every 5 minutes issuing a sysctl-command to enable ip-forwarding.
View 9 Replies
View Related
Apr 26, 2010
I'm running suse 11.1 which is configured as a router. Configured are two DSL connections with static IP's and one LAN connection (3 NIC's all together).
Problem: suse firewall will only port forward connections from one of the DSL connections and not the other.
Because I'm running two DSL connections is there something special I have to turn on/enable on the firewall?
View 1 Replies
View Related
Jan 15, 2011
I used to have Opensuse 11.0 and Vuze 4.0.2 and both were working great. Recently I upgraded to OpenSuse 11.3 and installed Vuze 4.5.10. I did not change any configuration in the ADSL router but now I could not get the smiley icon to go green. I followed all the steps given here: A Quick Bittorrent Guide (with screenshots). It doesn't work. so I modified FW_ROUTE and FW_MASQUERADE to yes in /etc/sysconfig/SuSefirewall2. That also does not work. What did I miss here? My ADSL router is DSL-2640T.
View 3 Replies
View Related
Jun 11, 2011
I have an OpenVPN(10.04.2 LTS) server running in bridge (TAP) mode. Its sitting behind a router and then a cable modem. The VPN works perfectly but I have a security concern. In order to allow the VPN clients to connect to the internet, I had to enable IPv4 forwarding on the server. Is this is a security hole? Can a hacker access my servers connection from the internet (without authenticating with OpenVPN) and access my network. Can someone use Ipv4 forwarding to access my LAN network from the WAN
I used this command to enable ipv4 forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
Without IPv4 forwarding my VPN clients can only access my LAN and router, but they cannot reach my modem or the internet.
[Code]...
View 1 Replies
View Related
Mar 26, 2010
we have here a few openSUSE-machines (some 11.1 and 11.2) which mounts their /home from a NFS-Server and imports the users via NIS. I now wanted to use X-Forwarding via SSH, but that doesn't work with NIS-Users.On my machine I use Gnome and my XAUTHORITY-Variable points to /var/run/gdm/auth-for-bup_deg-E3TMSz/database
Why isn't the default ~/.Xauthority-File used for my cookies? What do I have to change to get X-Forwarding in my Setup running?
View 1 Replies
View Related
May 17, 2011
I have two SUSE(2.6) virtual machines running in the same subnet with two network cards each as shown below.
VM1------------------------------------------------------------------------------
appstage1:~ # ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:22:5A:24
inet addr:192.168.128.12 Bcast:192.168.128.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe22:5a24/64 Scope:Link
[Code]....
Ultimately my DB will run in VM2 and any DB requests coming in at 2055 of VM1 should be forwarded to port 2055 of VM2. Since I do not yet have a DB running I am trying to test with netcat.
View 5 Replies
View Related
Jan 30, 2011
I want to share my WiFi internet connection over LAN, so I'm trying to set up IP forwarding. An old tutorial tells me to go to Network Settings in YaST to do this, but that applet says that NetworkManager is now handling all of that stuff.How do I enable IP forwarding while NetworkManager handles my internet connections?
View 2 Replies
View Related
Mar 27, 2011
I have 2 different networks: the first one is gateway machine (eth0), and the second is a private machine (eth1). So, I've configured the iptables and forwarding stuff and when I try to ping google.com on the gateway machine, it works, while it doesn't work on the private network. Note: I am using VmWare 7. I need your quick assistance about this issue.
View 2 Replies
View Related
Jan 20, 2010
I have x11 forwarding enabled in /etc/ssh/sshd_config on a suse 11.2 32 bit box running kde I can open x apps on a windows machine using xming and putty just fine, but when I boot the same machine into suse 11.2 64 bit using kde and try using konsole I get: cannot connect to x server
The command I'm using to log in is: ssh -X -l username host I doubt the problem is with the server I'm logging into or it wouldn't work in windows, not really sure what to look for as I've never had a problem using x11 forwarding from a linux client before only windows ones
View 7 Replies
View Related
May 23, 2010
How do you configure the firewall to allow external web access (it's a LAMP server) and internal access for samba shares ?
View 6 Replies
View Related
Jun 2, 2010
We have on Ubuntu 10.04 LTS installed on one m/c which is connected to office network using pptp vpn.Now i want to enable ip-forwarding on this m/c so that i can connect my RH9 m/c through this. For enabling ip forwarding i did the basic thing "echo "1">/proc/sys/net/ipv4/ip_forward" And added route on the RH m/c as route add -net 10.254.254.0 netmask 255.255.255.0 gw 192.168.1.10 dev eth0" (IP of Ubuntu m/c is "192.168.1.10 and RH m/c is 192.168.1.15) But some how ip-forwarding is not working properly.
View 4 Replies
View Related
Dec 13, 2010
I have 2 Linux boxes one acting as a router with a direct connection to the internet, second as a server using the first box as a gateway to the internet. I need to forward requests that I get from the outside to port 8400 to my internal server box at 192.168.0.7:8400
Router IP 192.168.0.5
Server IP 192.168.0.7
iptables -t nat -A PREROUTING -p tcp -d [internet ip] --dport 8400 -j DNAT
[code]...
These rules are on the router (192.168.0.5) I've been trying to find a solution for hours with no success. Basically the problem is I can forward ports on the same box but not to a different ip.
View 1 Replies
View Related
Nov 21, 2010
I have a ubuntu 9.10 on my desktop in my office and I have another ubuntu on my home desktop. Both machines are behind a router. I guess many people have already asked the same question: how to remote control the office desktop from my home desktop?Many posts discussed about solving this by setting up ssh and port forwarding. But my situation is that I cannot control the router in my office so I cannot set up any port forwarding for my office desktop. So I guess my question becomes how to remote control my office desktop without setting up any port forwarding on the office router.
View 3 Replies
View Related
Mar 26, 2011
I currently use a commercial VPN when working overseas for secure internet access.
I now also need to VNC to a home ubuntu desktop (which runs software 24/7 that I need to periodically check).
When overseas, I use a Ubuntu laptop and an Android tablet.
For the VNC I intend to use an SSH tunnel. So my question is: should I ALSO set up openVPN on the home computer (so I can stop paying for a commercial provider which routes all my traffic twice across the Atlantic...) or is it easier/better to use the SSH tunnel for the secure webbrowsing too? Something like a SOCKS proxy?
View 8 Replies
View Related
Jan 8, 2010
We have one linux machine in the office which happens to be an important firewall. I just know the basics and need to make one changeEssentially it is forward mysql traffic to another internal machine.This is the original rule (forward to 192.20.0.17) which is working
Code:
$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 3306 -j allowed
$IPTABLES -t nat -A PREROUTING -p TCP -i $INET_IFACE -d $STATIC_IP --dport 3306 -j DNAT -
[code]....
View 2 Replies
View Related
Mar 23, 2011
I have my mail application running on xxxx port in IPv6 and IPv4 enviornment on Linux machine (RHEL 5).I want to forward IPv4 request comming from windows client
View 2 Replies
View Related
Mar 26, 2011
I would like to enable ipv6 forwarding . i have ipv6 module loaded.I added net.ipv6.conf.all.forwarding=1 in /etc/sysctl.conf .i tried reboot , did 'service network restart' .
.
Also I tried
sysctl -w net.ipv6.conf.all.forwarding=1
and
[code]....
View 1 Replies
View Related
Feb 15, 2011
I have 2 guest machines on 1 VBox host installed : - one guest with hostname 'debian' is configured as follows and has IP Forwarding enabled to be able to route traffic from eht1 to eth0.
Code:
eth0 Link encap:Ethernet HWaddr 08:00:27:f1:ef:5f
inet addr:10.0.2.1 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fef1:ef5f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
[Code]....
View 2 Replies
View Related
Aug 14, 2010
I have a CentOS box which is Internet Facing. It has 3 LAN's connected to it which are for virtual machines.
I want to port forward port 445 to a machine on one of the LAN interfaces. I have tried various ways to get it done, but still cannot access that port from the interface. I definately know device hosting port 445 is live, as I can ping it from the CentOS box and use lynx to access it! (It's a web server)
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 445 -j DNAT --to-destination 192.168.0.2:445
View 6 Replies
View Related
Jun 7, 2010
I've been Googling about port forwarding iptables and even though there's result and I've applied it in my script, I can't make iptables forwading request to another machine so I decided to ask help.
eth0 is my Internet Interface (1.2.3.4 is the public ip)
eth1 is my Lan Interface
eth2 is my DMZ Interface
[code]....
View 14 Replies
View Related
Apr 16, 2010
I have a legacy application that communicates status to a remote server over UDP. The server app replies back to the client with UDP as well, using the IP address it obtains from the sockaddr parameter of the recvfrom() method.
Code:
[----------------] [----------------]
[ client <->(udp)]<----- Ethernet -----> [(udp)<-> server ]
[----------------] [----------------]
I'm trying to replace the underlying use of ethernet, with a RS232 based radio/modem device - without making any src changes to the legacy apps. i.e. apps would still create and transmit UDP packets addressed to a remote IP address and listening port, and the receiver wouldn't know any difference. I'm relatively new to this level of network programming, but my first attempt has been to write an app that sniffs out outbound raw UDP packets (using pcap), transmit that data over the radio, and re-injects the UDP unchanged on the remote end.
Code:
[----------------] [----------------]
[ client <->(udp)] [(udp)<-> server ]
[ | ] [ ^ ]
[ v ] [ | ]
[ /capture/]<---- Radio XMIT ----> [/reinject/ ]
[----------------] [----------------]
My 'capture' app intercepts the UDP packets just fine when the machine is 'plugged' in, but as soon as I disconnect my network cable to test wireless, outbound packets addressed to a remote IP (ie. the server) are no longer captured (tho local UDP packets are picked up ok). Wireshark also does not report the original outbound packet, but it does show an ICMP packet reporting 'Host Unreachable'. I understand the host isn't reachable, but I'm confused as to why the packet isn't at least making it to the interface/network card. Is there anyway to get the force the kernel to 'transmit' the UDP packet anyway so that my capture app can intercept it? or is there a better/easier solution (again, w/o making source changes to the client/server)?
View 4 Replies
View Related
May 4, 2011
I have 2 Ubuntu boxes sitting in the same subnet; server 1 [130.15.6.68] and server 2 [130.15.6.69] What I am trying to achieve here is the following: server 1 act as a gateway or proxy to server 2, meaning that server 1 is exposed to the Internet and all traffic to server 2 should go though it (i hope!).
server 2 act as application server and I don't want a direct access to it from the internet. I want all the inbound traffic comes through server 1. for testing purposes, i will limit the traffic to simple http or port 80
in server 1, i have done the following settings: iptables -t nat -A PREROUTING -p tcp -i eth0 -d 130.15.6.68 --dport 80 -j DNAT --to 130.15.6.69:80 iptables -A FORWARD -p tcp -i eth0 -d 130.15.6.69 --dport 80 -j ACCEPT In server 1, I've edited the value of net.ipv4.ip_forward to equal 1 (uncomment that line in /etc/sysctl.conf) Currently, both server 1 and server 2 has its own apache2 servers with different index.html files. the problem is, when i browse to server 1, I am still seeing its index page rather than being forwarded to the index page of server 2. how can i achieve the traffic forwarding from server 1 to server 2 when my browser pointing to server 1?
View 3 Replies
View Related
Feb 3, 2010
I have two PC's, one with slackware and one with arch, and I am trying to access the web server from the archlinux machine but i haven't manage to do that. The archlinux machine is connect to the internet via the slackware machine via a crossover cable:
internet > eth0 (pc1) and ppp0 (the PPPoE connection, pc1) > eth1 (pc1) > eth0 (pc2)
PC1:
ifconfig eth1 192.168.0.1 netmask 255.255.255.0
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -A FORWARD -i ppp0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o ppp0 -j ACCEPT
pc2:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
ifconfig eth0 up
route add default gw 192.168.0.1 eth0
/etc/resolv.conf (The same DNS as the first PC)
And now the internet is working and on the archlinux machine, but I am not able to access the web server from LAN with a public IP. I tried many iptables port forwarding commands but none worked.
View 14 Replies
View Related
