Solved

Configuring RH7.1 as a gateway to the internet

Posted on 2001-08-19
19
257 Views
Last Modified: 2010-03-18
I need to have my Linux box as a gateway to the internet, I have 2 nics in the Linux box and one in Win2000, how do I set up Linux to act as a gateway?
0
Comment
Question by:proximus
  • 4
  • 3
  • 2
  • +9
19 Comments
 
LVL 28

Expert Comment

by:vinnyd79
Comment Utility

What type of internet connection are you using?
0
 
LVL 5

Expert Comment

by:matt023
Comment Utility
do you have a DSL connection or a cable modem?  In both cases, connect one of the NIC's on the Linux box to the DSL or cable modem box and follow the following direction:
-  on that interface, configure the appropriate IP address parameter (provided by your carrier or ISP - external address).
-  configure the external Linux interface to use the appropriate default gateway (as provided by your ISP or the DSL/cable box if there's an ip address on it).
-  configure the other NIC to use an internal address (same subnet as your Win2k box - ie: 192.168.1.x).
-  put the following lines into the end of /etc/rc.d/rc.local:
    /sbin/ipchains -F forward
    /sbin/ipchains -P forward DENY
    /sbin/ipchains -A forward -i eth0 -j MASQ
    echo "1" > /proc/sys/net/ipv4/ip_forward
-  configure your Win2k box to use the Linux internal interface as the default gateway.

you're done.
 
   
0
 
LVL 3

Expert Comment

by:tdaoud
Comment Utility

Do you have a private IP network or a real IP one that is routed?

If you are talking about a gateway to a network it must be a routed IP network.

But if you are talking about getting to the Internet while haveing a private IP network, I can suggest that you use SQUID (a proxy server) for browsing the Internet and, as suggested by matt023, ipchains for masqurading telnets, ftps, and other connections.

Tarik
0
 
LVL 2

Accepted Solution

by:
ifincham earned 300 total points
Comment Utility
Hi,

Matt023 has pretty much said it all on the masquerading.. In case you need to know about the cabling side - If you only have two boxes, the simplest is to get a cat5 'crossover' cable and plug one end into the winbox nic and the other into the linux box nic. Otherwise, you could get a cheap hub but you'll then need two patch cables. On the ipchains command, the 'i eth0' bit would be the internet connected interface which could also be 'eth1' depending on which slot the cards are in.

You'd have something like this :

winbox

ip 172.16.16.1
mask 255.255.0.0
default gateway 172.16.16.2

redhat 7.1 (lan interface)

ip 172.16.16.2
mask 255.255.0.0

(configure via 'netcfg' or 'linuxconf')


Also, if you are using a 2.4 series kernel with iptables instead of ipchains the equivalent masquerade code would be :

# load nat module & set-up masquerading...
modprobe iptable_nat
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

Hope this helps
0
 
LVL 17

Expert Comment

by:psimation
Comment Utility
Listening ( actually hoping proximus says he uses a normal modem ... ;) )
0
 

Author Comment

by:proximus
Comment Utility
Thanks you guys sorry I've been away from my computer since I posted it, I have a cable modem, and all the cabling is set up properly just needed to know how to set up masquerading. Thanks
0
 

Author Comment

by:proximus
Comment Utility
Oh and I'm using the 2.4 kernel,
0
 

Author Comment

by:proximus
Comment Utility
Oh and I'm using the 2.4 kernel,
0
 

Author Comment

by:proximus
Comment Utility
It seems that none of this seems to work, when I use ifincham's 2.4 code it seems that everything fails, and the last line tells me to upgrade iptables or my kernel, perhaps by default RH didn't use tables, but kept the chains, cause the chains give me no errors but it still doesn't work. So I'm going to give more info here. On gateway machine(linux) Using RH7.1(2.4 kernel), 2 3Com network cards, mototolla cable modem, static ip on both NIC's. The ip for the NIC connected to my Win2000 machine is 192.168.1.5, Subnet, 255.255.255.0, on my Windows machine the NIC's IP is 192.168.1.6, Subnet 255.255.255.0. Now I want to be able to FTP, surf the web,etc... the usual stuff.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 4

Expert Comment

by:Gibble
Comment Utility
*listening and learning*
0
 
LVL 14

Expert Comment

by:xberry
Comment Utility
Please anyone can help with that question ?

http://www.experts-exchange.com/jsp/qShow.jsp?ta=linux&qid=11383240
0
 

Expert Comment

by:HandyAndy
Comment Utility
Personally, I think that using RedHat is overkill and more work than necessary for a gateway.

I use Freesco - http://www.freesco.org . It can run from a floppy disk in as little as a 386 with 6Mb, I currently use it as a dial-up gateway in a 486 with 16Mb RAM and an 80Mb HD. So you can use that an old, cheap machine for the job - in fact, quite a few people have one suitable just lying around...

Anyway, it is a firewall, router, with masquerading, etc. It has a small web server and a web admin/control panel.
0
 
LVL 4

Expert Comment

by:Gibble
Comment Utility
Problem is finding ISA NICs to work with that 386 :p
0
 

Expert Comment

by:HandyAndy
Comment Utility
Or even finding a 386, for that matter :)
0
 
LVL 4

Expert Comment

by:Gibble
Comment Utility
Those I have kicking around...I think, they might be old 486s?  I threw out most of that junk.
0
 
LVL 27

Expert Comment

by:Asta Cu
Comment Utility
Hopefully you've already been helped with this question, but thought you'd appreciate knowing this.  It would be great if you could bring this question to a conclusion, awarding the experts above who helped you with points or a comment to them on your status today.

WindowsUpdate has new updates for .NET users; Details follow - Microsoft .NET Framework
The .NET Framework is a new feature of Windows. Applications built using the .NET Framework are more reliable and secure. You need to install the .NET Framework only if you have software that requires it.

For more information about the .NET Framework, see http://www.microsoft.com/net. (This site is in English.)

System Requirements
The .NET Framework can be installed on the following operating systems:
Windows 98
Windows 98 Second Edition (SE)
Windows Millennium Edition (Windows Me)
Windows NT 4.0® (Workstation or Server) with Service Pack 6.0a
Windows 2000 with the latest service pack installed (Professional, Server, Datacenter Server, or Advanced Server)
Windows XP (Home Edition and Professional)
You must be running Internet Explorer version 5.01 or later for all installations of the .NET Framework.

To install the .NET Framework, your computer must meet or exceed the following software and hardware requirements:

Software requirements for server operating systems:
MDAC 2.6
Hardware requirements:
For computers running only a .NET Framework application, Pentium 90 mHz CPU with 32 MB memory or the minimum CPU and RAM required by the operating system, whichever is higher.
For server operating systems, Pentium 133 mHz CPU with 128 MB memory or the minimum CPU and RAM required by the operating system, whichever is higher.
Recomended software:
MDAC 2.7 is recommended.
Recommended hardware: For computers running only a .NET Framework application, Pentium 90 MHz CPU with 96 MB memory or the minimum CPU and RAM required by the operating system, whichever is higher.
For server operating systems, Pentium 133 MHz CPU with 256 MB memory or the minimum CPU and RAM required by the operating system, whichever is higher.

How to use -> Restart your computer to complete the installation. No other action is required to run .NET Framework applications. If you are developing applications using the .NET Framework, you can use the command-line compilers or you can use a development environment, such as Visual Studio .NET, that supports using the .NET Framework.

How to uninstall
To uninstall the .NET Framework: Click Start, point to Settings, and then click Control Panel (In Windows XP, click Start and then click Control Panel.).
Click Add/Remove Programs.
Click Microsoft .NET Framework (English) v1.0.3705 and then click Change/Remove.
More here  http://www.microsoft.com/net/

The .NET topic is being considered for addition to our All Topics link soon, so this may interest you as well:
http://www.experts-exchange.com/newtopics/Q.20276589.html

EXPERTS POINTS are waiting to be claimed here:  http://www.experts-exchange.com/commspt/Q.20277028.html

":0)
Asta


0
 

Expert Comment

by:CleanupPing
Comment Utility
proximus:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 7

Expert Comment

by:troopern
Comment Utility
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
Accept ifincham's comment as answer.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

troopern
EE Cleanup Volunteer
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now