[K12OSN] Blocked net access
Les Mikesell
les at futuresource.com
Fri Jan 12 13:38:48 UTC 2007
John Lucas wrote:
> On Friday 12 January 2007 04:32, Nakashima wrote:
>> Hi all,
>> New install of K12LTSP 6 taking all defaults.
>> Both Windows and Mac OS boxes connected to Eth0 switch can't get to the
>> net.
>> Clients connected to Eth0 switch have no problem getting to the net.
>> Any ideas?
>> Thanks :-)
>> --Peter
>>
>
> Yes. Unless changes are made, your LTSP server is not set up as a router and
> won't pass packets from the "inside" network to the "outside" network. The
> terminals run processes on the server, which has access to both networks, but
> non-terminals attached to the "inside" do not have access to the outside.
>
> To keep the PCs on the inside and allow them out, you need to make several
> changes:
>
> - turn on packet forwarding on the server (make it a router)
> - give the server's inside address as a router in the DHCP stanza for the PCs
> - make sure you don't have an IPTables rule preventing forwarding
> - make sure your perimeter router knows the route back to the inside network
> - make sure your perimeter firewall allows the inside network to forward
>
> This is all basic TCP/IP networking 101 and is not specific to LTSP.
K12LTSP should come with a script to do all of this, though. Try
service nat on
to start it and
chkconfig nat on
to make it start automatically at boot up. Your other routers shouldn't
need to know about the eth0 address range because outgoing packets
nat to the eth1 address. I thought this was normally set up during
a default install.
--
Les Mikesell
lesmikesell at gmail.com
More information about the K12OSN
mailing list