Help with iptables routing in Ubuntu Linux


Hi, I have this scenario:

- One Cisco SOHO 97 router that provides me internet, with this IP address: 192.168.100.1
- One Windows 2003 Server with file sharing enabled, with this IP address: 192.168.45.1
- Ten workstations on this net: 192.168.100.X

I need to install an Ubuntu server that acts as a proxy and DHCP server.
I have 2 NICs in this server and I need to route internet to the 192.168.100.x net, acting as the gateway, and route access to a file share on the server 192.168.45.1, and also bring internet to that net (192.168.45.X).

How can I accomplish that with iptables?
Asked: alexinoa
2 Solutions
 
Blaz Commented:
If you don't need firewalling (blocking of ports) then you don't need iptables at all. You just have to configure correct routing.

Let's assume that your Ubuntu server will have IPs 192.168.100.2 and 192.168.45.2.

1. You have to set 192.168.45.2 as default gateway on all computers on network 192.168.45.X
2. You have to set default gateway 192.168.100.1 on Ubuntu server
3. You have to add a route 192.168.45.0/24 via 192.168.100.2 on your Cisco
4. Configure the Ubuntu for packet forwarding:
- set interface IPs
- echo 1 > /proc/sys/net/ipv4/ip_forward
- iptables -I FORWARD -j ACCEPT
0
 
fosiul01 Commented:
Just an extra addition to Blaz:

You need to do MASQUERADE in iptables:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Here eth0 would be connected to the ISP router.

Same as Blaz, just one line added:

eth0 = 192.168.2.1 [ISP router]
eth1 = 10.0.0.2 [Internal network]

Check if IPv4 forwarding is ON or OFF:
cat /proc/sys/net/ipv4/ip_forward
If the result is 0, then you will have to turn it on with this command:

echo "1" > /proc/sys/net/ipv4/ip_forward

Now you have to enable IP masquerading by adding a rule in iptables:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[Now all internet requests will go via eth0]
0
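
An added example, not part of either answer: `iptables -I FORWARD -j ACCEPT` forwards everything between the two networks, so this script prints a narrower FORWARD ruleset for the same topology and includes a check that flags the accept-all state in `iptables -S FORWARD` output. The interface names (eth0 toward the Cisco, eth1 toward 192.168.45.x), TCP 445 as the file-share port, and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): scoped forwarding rules for the gateway.
# Assumed names: eth0 faces 192.168.100.0/24 (Cisco side), eth1 faces
# 192.168.45.0/24, and the Windows file share is SMB on TCP 445.
WAN_IF="${WAN_IF:-eth0}";  WAN_NET="${WAN_NET:-192.168.100.0/24}"
LAN_IF="${LAN_IF:-eth1}";  LAN_NET="${LAN_NET:-192.168.45.0/24}"
FILE_SERVER="${FILE_SERVER:-192.168.45.1}"
SMB_PORT="${SMB_PORT:-445}"

# Print the ruleset. $1 = "route" (the Cisco has the static route from Blaz's
# step 3, so no NAT) or "nat" (no static route, so masquerade as in
# fosiul01's answer, limited to the internal source network).
build_rules() {
    mode="${1:-route}"
    case "$mode" in
        route|nat) ;;
        *) echo "mode must be route or nat" >&2; return 2 ;;
    esac
    echo "iptables -P FORWARD DROP"
    echo "iptables -F FORWARD"
    # Replies to connections that were allowed by the rules below.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # 192.168.45.x hosts may open connections toward the Cisco/internet side.
    echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -m conntrack --ctstate NEW -j ACCEPT"
    # 192.168.100.x workstations may reach only the file share.
    echo "iptables -A FORWARD -i $WAN_IF -o $LAN_IF -s $WAN_NET -d $FILE_SERVER -p tcp --dport $SMB_PORT -m conntrack --ctstate NEW -j ACCEPT"
    if [ "$mode" = nat ]; then
        echo "iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE"
    fi
}

# Read "iptables -S FORWARD" output on stdin; return 1 if the chain policy is
# ACCEPT or a rule accepts every packet without any match.
audit_forward() {
    open=0
    while IFS= read -r line; do
        case "$line" in
            "-P FORWARD ACCEPT"|"-A FORWARD -j ACCEPT") open=1 ;;
        esac
    done
    return "$open"
}

# Usage: sh gateway.sh print [route|nat]   or, as root, apply [route|nat]
case "${1:-}" in
    print) build_rules "${2:-route}" ;;
    apply) build_rules "${2:-route}" | sh -e ;;
esac
```

On the gateway, `iptables -S FORWARD | audit_forward` gives the same check against the live chain.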
