Solved

linux as route

Posted on 2003-02-19
Last Modified: 2013-12-15
Dear all,
I use Red Hat 7.3 as a private ISP.
The situation is as follows:
  1. linux+ADSL pppoe connect internet OK (eth0, ppp0)
  2. linux com port + MODEM
  3. win98 client dial-up connect OK (ppp1, use private ip 10.10.10.X)
  4. after dial-in, linux route has a row for 10.10.10.x
  5. linux ip-forward enabled
  6. setting no firewall
  7. client connect linux OK, but internet fail.

Anything else?
regards
ginaa
0
Question by:ginaa
9 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7987171
> .. but internet fail.
what do you mean by that?
0
 

Author Comment

by:ginaa
ID: 7993507
I mean my win98 client cannot connect to the internet through my linux box.

regards
ginaa
0
 

Expert Comment

by:subv3rsiv3
ID: 7995056
You want IP Masquerading, also known as Network Address Translation, or NAT.  The functionality is available through any of the three firewall tools.

The quickest method, using IPCHAINS as root:

# modprobe ipchains
# ipchains -A FORWARD -s 10.0.0.0/255.0.0.0 -j MASQ

The single ipchains line above will forward your entire 10.x.x.x subnet through the linux box to the internet.  You will also need your DSL to be the default route on the linux box (very important).  This makes it easy to set up a "home" or "trusted" network using DHCP grants for the same subnet, so to get internet access, it's literally "plug-n-play" with the network jack.  Note that ipchains has some limitations that cause FTP to not work, but there are some modules you can probe for that work around these issues.

It's a little more involved for iptables, but the stateless inspection makes life so much easier...and is nearly rid of any of the issues of ipchains.
0
 

Author Comment

by:ginaa
ID: 8015119
Following your instructions,
I got a message:
>> ipchains: protocol not available
What's the problem?
I already checked the ipchains item in the setup/service screen.

regards
ginaa
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 8015340
sounds like you have iptables, try this:

  iptables -t nat -A POSTROUTING -o wan-nic -j MASQUERADE

(where you replace wan-nic by the interface name connected to your ADSL router)
0
 

Author Comment

by:ginaa
ID: 8076459
Thanks for the response.
After executing "iptables -t nat -A POSTROUTING -o wan-nic -j MASQUERADE", it works.
But then I rebooted the linux box, and I cannot dial in anymore.
I got an error msg:
   LCP: timeout sending Config-Requests
What's up?
I have two lines in the file "pap-secrets", one for the linux box ADSL dial-out, the other for client dial-in to the linux box.
File "options.ttyS1" is as follows:
 auth
 +pap
 persist
 passive
 ktune
 10.10.11.1:10.10.11.3
Any suggestion?

regards
ginaa
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 800 total points
ID: 8078059
> But then I reboot linux box, I can not dial in anymore.

the iptables command I gave is not persistent, you need to write it into some of the rc-scripts called while booting.

That you cannot dial out seems to have another reason, probably your routing is not correct. Did you check? for example with
  netstat -rn
0
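One way to make the rule from the accepted answer survive a reboot: the script below is an added example, not code from this thread, meant to be called with the argument `apply` from a boot script such as /etc/rc.d/rc.local. It assumes ppp0 is the ADSL link and 10.10.10.0/24 is the dial-in range (both taken from the question), limits masquerading to that subnet, and sets a default-drop FORWARD policy, which the thread itself does not discuss.

```shell
#!/bin/sh
# Added example: boot-time NAT for the dial-in subnet (run from an rc script).
# Assumptions: WAN=ppp0 (ADSL PPPoE link) and LAN=10.10.10.0/24 (dial-in range).
# pppN numbers follow link-up order, so confirm which pppN is the ADSL link.
WAN="${WAN:-ppp0}"
LAN="${LAN:-10.10.10.0/24}"

# Emit one iptables argument list per line; nothing is executed here.
nat_rules() {
    wan="$1"; lan="$2"
    # Reject anything that is not a plain interface name / dotted CIDR.
    case "$wan" in ''|*[!A-Za-z0-9._-]*) echo "bad interface: $wan" >&2; return 1;; esac
    case "$lan" in ''|*[!0-9./]*)        echo "bad subnet: $lan" >&2; return 1;; esac
    cat <<EOF
-P FORWARD DROP
-A FORWARD -s $lan -o $wan -j ACCEPT
-A FORWARD -d $lan -i $wan -m state --state ESTABLISHED,RELATED -j ACCEPT
-t nat -A POSTROUTING -s $lan -o $wan -j MASQUERADE
EOF
}

# Enable forwarding and load the rules; stops at the first failing rule.
apply_rules() {
    rules=$(nat_rules "$1" "$2") || return 1
    echo 1 > /proc/sys/net/ipv4/ip_forward || return 1
    echo "$rules" | while read -r args; do
        iptables $args || exit 1
    done
}

case "${1:-}" in
    apply) apply_rules "$WAN" "$LAN" ;;                      # needs root
    *)     nat_rules "$WAN" "$LAN" | sed 's/^/iptables /' ;; # dry run: print only
esac
```

Run without arguments, it only prints the commands it would execute, so the rule set can be reviewed before it is wired into the boot sequence.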
 

Author Comment

by:ginaa
ID: 8085152
Thanks, ahoffmann.
Your iptables command solved my question here,
so I will accept it as the answer.
Not being able to dial in to the linux box after reboot may be another problem,
or simultaneous dial-in and dial-out may need a special setting.
Maybe I need to create another question.

regards
ginaa

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 8087219
Thanks. You're welcome.
0
