"Firewall" NAT...

Support for security such as Firewalls and securing linux
mrpaulo
Posts: 16
Joined: 2007/06/10 14:18:50

"Firewall" NAT...

Postby mrpaulo » 2009/03/18 01:24:17

Hello All,

I need some help configuring my CentOS.

Now I have 2 interfaces:

eth0 - 10.0.0.0/8
eth1 - 192.168.0.0/24

How do I forward packets from eth0 to eth1 and vice-versa ?

I have already set "1" at /ip_forward (/proc/sys/net/ipv4/ip_forward). Also, I dont need any iptables rules, I can be all open.

What else do I have to do ?


Thanks !!

kaushalpatel198
Posts: 5
Joined: 2009/01/31 08:57:06
Location: Ahmedabad
Contact:

Re: "Firewall" NAT...

Postby kaushalpatel198 » 2009/03/18 05:18:41

You have done it right.

Just make sure you have use IP Address as your Default Gateway on each side machines.

mrpaulo
Posts: 16
Joined: 2007/06/10 14:18:50

Re: "Firewall" NAT...

Postby mrpaulo » 2009/03/18 15:19:08

Thanks for you message friend !

So... I must have mistaken on gateway and dns configuration. I will test later on and I`ll let you know.

Thanks

mrpaulo
Posts: 16
Joined: 2007/06/10 14:18:50

Re: "Firewall" NAT...

Postby mrpaulo » 2009/03/18 23:39:37

Hey, how is it going !?

Things are working now but I can not ping from my workstation in 10.0.0.x network to internet. Right now I have these configurations:

workstation
ip 10.0.0.2/8
gateway 10.0.0.1
dns 200.204.0.10

Firewall Nat
eth0 - 10.0.0.1/8 - static
gateway 10.0.0.1
eth1 - 192.168.0.2/24 - by dhcp
gateway 192.168.0.1

Router
192.168.0.1

I have tried many choices of changing gateway and dns configuration at workstation, but it did not work.

Any suggestion ?

mrpaulo
Posts: 16
Joined: 2007/06/10 14:18:50

Re: "Firewall" NAT...

Postby mrpaulo » 2009/03/19 00:55:41

FYI...

I can ping at my router (192.168.0.1) ! That is the far I can go.

Thanks

mrpaulo
Posts: 16
Joined: 2007/06/10 14:18:50

Re: "Firewall" NAT...

Postby mrpaulo » 2009/03/19 16:28:28

mrpaulo wrote:
FYI...

From UNIX machine, I can ping out to internet.
From workstations, I can ping at my router (192.168.0.1) ! That is the far I can go.

Thanks

gerald_clark
Posts: 10642
Joined: 2005/08/05 15:19:54
Location: Northern Illinois, USA

"Firewall" NAT...

Postby gerald_clark » 2009/03/19 16:43:30

eth0 - 10.0.0.0/8
eth1 - 192.168.0.0/24
Thanks !!

192.168.0.0 is not a valid IP address.

mrpaulo
Posts: 16
Joined: 2007/06/10 14:18:50

Re: "Firewall" NAT...

Postby mrpaulo » 2009/03/19 16:48:54

Sorry... that interface I have 192.168.0.2/24

gerald_clark
Posts: 10642
Joined: 2005/08/05 15:19:54
Location: Northern Illinois, USA

Re: "Firewall" NAT...

Postby gerald_clark » 2009/03/19 18:17:06

Firewall Nat
eth0 - 10.0.0.1/8 - static
gateway 10.0.0.1
eth1 - 192.168.0.2/24 - by dhcp
gateway 192.168.0.1


Why does this machine have itself as its gateway?

mrpaulo
Posts: 16
Joined: 2007/06/10 14:18:50

Re: "Firewall" NAT...

Postby mrpaulo » 2009/03/19 20:41:21

Hi !

I have tried that way also but it did not work:

Firewall Nat
eth0 - 10.0.0.1/8 - static
gateway 192.168.0.1

eth1 - 192.168.0.2/24 - by dhcp
gateway 192.168.0.1

Router 192.168.0.1

Any other suggestion ?