[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: set up NAT (network address translation) on local server



On Wed, 2008-11-19 at 13:09 -0800, Antonio Olivares wrote:
> --- On Wed, 11/19/08, Antonio Olivares <olivares14031 yahoo com> wrote:
> 
> > From: Antonio Olivares <olivares14031 yahoo com>
> > Subject: set up NAT (network address translation) on local server
> > To: fedora-list redhat com
> > Date: Wednesday, November 19, 2008, 12:59 PM
> > Dear all,
> > 
> > Starting new thread to clear up the other one:
> > Re: Make a DHCP server using Fedora - Help
> > 
> > After going through the steps outlined and the guidance
> > provided by great individuals that participate in this list
> > :)
> > 
> > /* Done now added eth1 to DHCPARGS */ 
> > [olivares localhost ~]$ cat /etc/sysconfig/dhcpd
> > DHCPDARGS=eth1
> > 
> > 
> > I need a little bit of help in setting up NAT.  I can use
> > the system-config-firewall or I can try using webmin or from
> > command line, I feel I can achieve the goal.
> > 
> > How should I begin?
> > 
> > I had done this before, but because of other problems
> > between the devices and my errors, it did not work :(
> > 
> > # Forward all packets from eth1 (internal network) to eth0
> > (the public internet)
> > iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
> > # Forward packets that are part of existing and related
> > connections from eth0 to eth1
> > iptables -A FORWARD -i eth0 -o eth1 -m state --state
> > ESTABLISHED,RELATED -j ACCEPT
> > # Enable SNAT functionality on eth0. a.b.c.d are generally
> > the ip of the eth0
> > iptables -A POSTROUTING -t nat -s 192.168.1.0/24 -o eth0 -j
> > SNAT --to-source a
> > 
> > Thank you for helping,
> > 
> > Regards,
> > 
> > Antonio 
> > 
> > 
> >       
> > 
> > -- 
> Sorry to reply to my own thread, but some might ask if I did the following and here's what I have done.  
> 
> Did this part : 
> 
> [olivares localhost ~]$ su -                    
> Password:                                       
> [root localhost ~]# service dhcpd restart       
> Starting dhcpd:                                            [  OK  ]
> [root localhost ~]# tail -f /var/log/messages                      
> Nov 19 15:00:02 localhost dhcpd: Copyright 2004-2007 Internet Systems Consortium.                                                                               
> Nov 19 15:00:02 localhost dhcpd: All rights reserved.                           
> Nov 19 15:00:02 localhost dhcpd: For info, please visit http://www.isc.org/sw/dhcp/                                                                             
> Nov 19 15:00:02 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file                         
> Nov 19 15:00:02 localhost dhcpd: Wrote 2 leases to leases file.                 
> Nov 19 15:00:02 localhost dhcpd: Listening on LPF/eth1/00:60:97:c5:2a:c3/192.168.0.0/24                                                                         
> Nov 19 15:00:02 localhost dhcpd: Sending on   LPF/eth1/00:60:97:c5:2a:c3/192.168.0.0/24                                                                         
> Nov 19 15:00:02 localhost dhcpd: Sending on   Socket/fallback/fallback-net      
> Nov 19 15:00:06 localhost dhcpd: DHCPREQUEST for 192.168.0.3 from 00:11:2f:35:88:2e via eth1                                                                    
> Nov 19 15:00:06 localhost dhcpd: DHCPACK on 192.168.0.3 to 00:11:2f:35:88:2e via eth1                                                                           
> Nov 19 15:00:22 localhost dhcpd: DHCPDISCOVER from 00:d0:b7:c1:09:58 via eth1   
> Nov 19 15:00:23 localhost dhcpd: DHCPOFFER on 192.168.0.2 to 00:d0:b7:c1:09:58 (6355-hthhzebqqx) via eth1                                                       
> Nov 19 15:00:23 localhost dhcpd: DHCPREQUEST for 192.168.0.2 (192.168.0.1) from 00:d0:b7:c1:09:58 (6355-hthhzebqqx) via eth1                                    
> Nov 19 15:00:23 localhost dhcpd: DHCPACK on 192.168.0.2 to 00:d0:b7:c1:09:58 (6355-hthhzebqqx) via eth1                                                         
> Nov 19 15:00:33 localhost dhcpd: DHCPINFORM from 192.168.0.2 via eth1           
> Nov 19 15:00:33 localhost dhcpd: DHCPACK to 192.168.0.2 (00:d0:b7:c1:09:58) via eth1                                                                            
> Nov 19 15:00:37 localhost dhcpd: DHCPINFORM from 192.168.0.2 via eth1           
> Nov 19 15:00:37 localhost dhcpd: DHCPACK to 192.168.0.2 (00:d0:b7:c1:09:58) via eth1                
> 
> >From one of the machines I get :
> 
> [olivares localhost ~]$ cat /media/STAPLES\ UFD/computer1.txt 
> 
> Windows 2000 IP Configuration
> 
>         Host Name . . . . . . . . . . . . : 6355-hthhzebqqx
>         Primary DNS Suffix  . . . . . . . :                
>         Node Type . . . . . . . . . . . . : Hybrid         
>         IP Routing Enabled. . . . . . . . : No             
>         WINS Proxy Enabled. . . . . . . . : No             
> 
> Ethernet adapter Local Area Connection:
> 
>         Connection-specific DNS Suffix  . :
>         Description . . . . . . . . . . . : Intel(R) 82559 Fast Ethernet LAN onMotherboard
>         Physical Address. . . . . . . . . : 00-D0-B7-C1-09-58
>         DHCP Enabled. . . . . . . . . . . : Yes
>         Autoconfiguration Enabled . . . . : Yes
>         IP Address. . . . . . . . . . . . : 192.168.0.2
>         Subnet Mask . . . . . . . . . . . : 255.255.255.0
>         Default Gateway . . . . . . . . . : 192.168.0.1
>         DHCP Server . . . . . . . . . . . : 192.168.0.1
>         DNS Servers . . . . . . . . . . . : 10.154.16.130
>                                             10.128.0.4
>         Lease Obtained. . . . . . . . . . : Wednesday, November 19, 2008 2:57:58 PM
>         Lease Expires . . . . . . . . . . : Wednesday, November 19, 2008 8:57:58 PM
> [olivares localhost ~]$
> 
> DNS appear to be correct, but I cannot browse.  I am almost there.  Just a little thing here or there and it will be done :)
----
eliminate DNS from the equation for the time being because I think your
problem is routing still...

# host www.yahoo.com
www.yahoo.com is an alias for www.wa1.b.yahoo.com.
www.wa1.b.yahoo.com is an alias for www-real.wa1.b.yahoo.com.
www-real.wa1.b.yahoo.com has address 209.131.36.158

So on one of your workstations, try

ping 209.131.36.158
ping www.yahoo.com

If only the 209.131.36.158 succeeds, your problem is DNS. If both fail,
your problem is routing (probably something in your IPTABLES setup on
your system doing the forwarding/routing).

Craig


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]