[K12OSN] Blocked net access

Nakashima pnakashi at k12.hi.us
Mon Apr 2 01:27:50 UTC 2007

On Saturday, January 13, 2007, at 01:56  PM, Nakashima wrote:

> On Saturday, January 13, 2007, at 01:14  AM, Nakashima wrote:
>>> John Lucas wrote:
>>>> Yes. Unless changes are made, your LTSP server is not set up as a 
>>>> router and won't pass packets from the "inside" network to the 
>>>> "outside" network. The terminals run processes on the server, which 
>>>> has access to both networks, but non-terminals attached to the 
>>>> "inside" do not have access to the outside. To keep the PCs on the 
>>>> inside and allow them out, you need to make several changes:
>>>> 	- turn on packet forwarding on the server (make it a router)
>>>> 	- give the server's inside address as a router in the DHCP stanza 
>>>> for the PCs
>>>> 	- make sure you don't have an IPTables rule preventing forwarding
>>>> 	- make sure your perimeter router knows the route back to the 
>>>> inside network
>>>> 	- make sure your perimeter firewall allows the inside network to 
>>>> forward
>>>> This is all basic TCP/IP networking 101 and is not specific to LTSP.
>>> K12LTSP should come with a script to do all of this, though.  Try
>>>  service nat on
>>> to start it and
>>>  chkconfig nat on
>>> to make it start automatically at boot up.  Your other routers 
>>> shouldn't
>>> need to know about the eth0 address range because outgoing packets
>>> nat to the eth1 address.  I thought this was normally set up during
>>> a default install.
>>> -- 
>>>   Les Mikesell
>>>     lesmikesell at gmail.com
>> Thanks John, Dan, and Les,
>> I did the following in Terminal
>> service nat start
>> chkconfig nat on
>> No luck.
>> I can ping addresses on the outside from an OS X  Mac, but can't get 
>> to the web with a browser.
>> I'm not very technical, so any further help you can provide will be 
>> greatly appreciated.
>> --Peter
> I received a tip to check the DNS settings. I will be doing that on 
> Tuesday.
> Thanks  :-)
> --Peter

Just wanted to finish up the thread. It turned out to be the firewall. 
Once I disabled the firewall, everything worked.
Thanks for all the help.

More information about the K12OSN mailing list