set up NAT (network address translation) on local server
Antonio Olivares
olivares14031 at yahoo.com
Wed Nov 19 23:13:50 UTC 2008
--- On Wed, 11/19/08, Craig White <craigwhite at azapple.com> wrote:
> From: Craig White <craigwhite at azapple.com>
> Subject: Re: set up NAT (network address translation) on local server
> To: olivares14031 at yahoo.com, "Community assistance, encouragement, and advice for using Fedora." <fedora-list at redhat.com>
> Date: Wednesday, November 19, 2008, 2:20 PM
> On Wed, 2008-11-19 at 13:09 -0800, Antonio Olivares wrote:
> > --- On Wed, 11/19/08, Antonio Olivares
> <olivares14031 at yahoo.com> wrote:
> >
> > > From: Antonio Olivares
> <olivares14031 at yahoo.com>
> > > Subject: set up NAT (network address translation)
> on local server
> > > To: fedora-list at redhat.com
> > > Date: Wednesday, November 19, 2008, 12:59 PM
> > > Dear all,
> > >
> > > Starting new thread to clear up the other one:
> > > Re: Make a DHCP server using Fedora - Help
> > >
> > > After going through the steps outlined and the
> guidance
> > > provided by great individuals that participate in
> this list
> > > :)
> > >
> > > /* Done now added eth1 to DHCPARGS */
> > > [olivares at localhost ~]$ cat /etc/sysconfig/dhcpd
> > > DHCPDARGS=eth1
> > >
> > >
> > > I need a little bit of help in setting up NAT. I
> can use
> > > the system-config-firewall or I can try using
> webmin or from
> > > command line, I feel I can achieve the goal.
> > >
> > > How should I begin?
> > >
> > > I had done this before, but because of other
> problems
> > > between the devices and my errors, it did not
> work :(
> > >
> > > # Forward all packets from eth1 (internal
> network) to eth0
> > > (the public internet)
> > > iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
> > > # Forward packets that are part of existing and
> related
> > > connections from eth0 to eth1
> > > iptables -A FORWARD -i eth0 -o eth1 -m state
> --state
> > > ESTABLISHED,RELATED -j ACCEPT
> > > # Enable SNAT functionality on eth0. a.b.c.d are
> generally
> > > the ip of the eth0
> > > iptables -A POSTROUTING -t nat -s 192.168.1.0/24
> -o eth0 -j
> > > SNAT --to-source a
> > >
> > > Thank you for helping,
> > >
> > > Regards,
> > >
> > > Antonio
> > >
> > >
> > >
> > >
> > > --
> > Sorry to reply to my own thread, but some might ask if
> I did the following and here's what I have done.
> >
> > Did this part :
> >
> > [olivares at localhost ~]$ su -
> > Password:
> > [root at localhost ~]# service dhcpd restart
> > Starting dhcpd:
> [ OK ]
> > [root at localhost ~]# tail -f /var/log/messages
>
> > Nov 19 15:00:02 localhost dhcpd: Copyright 2004-2007
> Internet Systems Consortium.
>
> > Nov 19 15:00:02 localhost dhcpd: All rights reserved.
>
> > Nov 19 15:00:02 localhost dhcpd: For info, please
> visit http://www.isc.org/sw/dhcp/
>
> > Nov 19 15:00:02 localhost dhcpd: Not searching LDAP
> since ldap-server, ldap-port and ldap-base-dn were not
> specified in the config file
> > Nov 19 15:00:02 localhost dhcpd: Wrote 2 leases to
> leases file.
> > Nov 19 15:00:02 localhost dhcpd: Listening on
> LPF/eth1/00:60:97:c5:2a:c3/192.168.0.0/24
>
> > Nov 19 15:00:02 localhost dhcpd: Sending on
> LPF/eth1/00:60:97:c5:2a:c3/192.168.0.0/24
>
> > Nov 19 15:00:02 localhost dhcpd: Sending on
> Socket/fallback/fallback-net
> > Nov 19 15:00:06 localhost dhcpd: DHCPREQUEST for
> 192.168.0.3 from 00:11:2f:35:88:2e via eth1
>
> > Nov 19 15:00:06 localhost dhcpd: DHCPACK on
> 192.168.0.3 to 00:11:2f:35:88:2e via eth1
>
> > Nov 19 15:00:22 localhost dhcpd: DHCPDISCOVER from
> 00:d0:b7:c1:09:58 via eth1
> > Nov 19 15:00:23 localhost dhcpd: DHCPOFFER on
> 192.168.0.2 to 00:d0:b7:c1:09:58 (6355-hthhzebqqx) via eth1
>
> > Nov 19 15:00:23 localhost dhcpd: DHCPREQUEST for
> 192.168.0.2 (192.168.0.1) from 00:d0:b7:c1:09:58
> (6355-hthhzebqqx) via eth1
>
> > Nov 19 15:00:23 localhost dhcpd: DHCPACK on
> 192.168.0.2 to 00:d0:b7:c1:09:58 (6355-hthhzebqqx) via eth1
>
> > Nov 19 15:00:33 localhost dhcpd: DHCPINFORM from
> 192.168.0.2 via eth1
> > Nov 19 15:00:33 localhost dhcpd: DHCPACK to
> 192.168.0.2 (00:d0:b7:c1:09:58) via eth1
>
> > Nov 19 15:00:37 localhost dhcpd: DHCPINFORM from
> 192.168.0.2 via eth1
> > Nov 19 15:00:37 localhost dhcpd: DHCPACK to
> 192.168.0.2 (00:d0:b7:c1:09:58) via eth1
> >
> > >From one of the machines I get :
> >
> > [olivares at localhost ~]$ cat /media/STAPLES\
> UFD/computer1.txt
> >
> > Windows 2000 IP Configuration
> >
> > Host Name . . . . . . . . . . . . :
> 6355-hthhzebqqx
> > Primary DNS Suffix . . . . . . . :
>
> > Node Type . . . . . . . . . . . . : Hybrid
>
> > IP Routing Enabled. . . . . . . . : No
>
> > WINS Proxy Enabled. . . . . . . . : No
>
> >
> > Ethernet adapter Local Area Connection:
> >
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : Intel(R)
> 82559 Fast Ethernet LAN onMotherboard
> > Physical Address. . . . . . . . . :
> 00-D0-B7-C1-09-58
> > DHCP Enabled. . . . . . . . . . . : Yes
> > Autoconfiguration Enabled . . . . : Yes
> > IP Address. . . . . . . . . . . . :
> 192.168.0.2
> > Subnet Mask . . . . . . . . . . . :
> 255.255.255.0
> > Default Gateway . . . . . . . . . :
> 192.168.0.1
> > DHCP Server . . . . . . . . . . . :
> 192.168.0.1
> > DNS Servers . . . . . . . . . . . :
> 10.154.16.130
> > 10.128.0.4
> > Lease Obtained. . . . . . . . . . : Wednesday,
> November 19, 2008 2:57:58 PM
> > Lease Expires . . . . . . . . . . : Wednesday,
> November 19, 2008 8:57:58 PM
> > [olivares at localhost ~]$
> >
> > DNS appear to be correct, but I cannot browse. I am
> almost there. Just a little thing here or there and it will
> be done :)
> ----
> eliminate DNS from the equation for the time being because
> I think your
> problem is routing still...
>
> # host www.yahoo.com
> www.yahoo.com is an alias for www.wa1.b.yahoo.com.
> www.wa1.b.yahoo.com is an alias for
> www-real.wa1.b.yahoo.com.
> www-real.wa1.b.yahoo.com has address 209.131.36.158
>
> So on one of your workstations, try
>
> ping 209.131.36.158
> ping www.yahoo.com
>
> If only the 209.131.36.158 succeeds, your problem is DNS.
> If both fail,
> your problem is routing (probably something in your
> IPTABLES setup on
> your system doing the forwarding/routing).
>
> Craig
Here is what happens :
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.
C:\Documents and Settings\6355-win2000>ipconfig /all
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : 6355-hthhzebqqx
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82559 Fast Ethernet LAN on
Motherboard
Physical Address. . . . . . . . . : 00-D0-B7-C1-09-58
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 10.154.16.130
10.128.0.4
Lease Obtained. . . . . . . . . . : Wednesday, November 19, 2008 5:03:54
PM
Lease Expires . . . . . . . . . . : Wednesday, November 19, 2008 11:03:5
4 PM
C:\Documents and Settings\6355-win2000>ping 209.131.36.158
Pinging 209.131.36.158 with 32 bytes of data:
Reply from 192.168.0.1: Destination host unreachable.
Reply from 192.168.0.1: Destination host unreachable.
Reply from 192.168.0.1: Destination host unreachable.
Reply from 192.168.0.1: Destination host unreachable.
Ping statistics for 209.131.36.158:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\Documents and Settings\6355-win2000>ping www.yahoo.com
Unknown host www.yahoo.com.
C:\Documents and Settings\6355-win2000>
The problem is still at routing then :(
Thanks for helping. Which rules should I try out?
Regards,
Antonio
More information about the fedora-list
mailing list