Re: [fw-wiz] Forward 2 networks

From: Christopher Hicks (chicks_at_chicks.net)
Date: 12/03/04

    To: Firewall Wizards Mailing List <firewall-wizards@honor.icsalabs.com>, Rudi Starcevic <tech@wildcash.com>
    Date: Fri, 3 Dec 2004 13:49:28 -0500 (EST)
    
    

    On Mon, 29 Nov 2004, Rudi Starcevic wrote:

    > I've been trying to figure this one out but am getting a little lost and
    > confused. I have 2 NICs:
    > eth0 192.168.2.7
    > eth1 192.168.3.7
    > each has its own 10/100 switch.

    Good.

    > On eth0, 192.168.2.7, I have a small network of PCs happily using NAT
    > with a default gateway of 192.168.2.1. I'd like to forward traffic for
    > eth1, 192.168.3.7 out eth0, 192.68.2.7

    Sure.

    > With one NIC I'm confident but with two, or more, I'm lost. I have
    > checked out Lartc but am still unsure, perhaps I should be posting this
    > there?

    This is a firewall question so it seems relevant here to me, but a
    Linux-specific forum would be fine too.

    The answer:

    - make sure the box with two NICs has proper routing for itself. Can it
    ping hosts on both networks and the Internet in general?

    - enable forwarding in the kernel. Doing something like:
             echo 1 > /proc/sys/net/ipv4/ip_forward
    in your /etc/rc.d/rc.local should do it.

    With that you should be able to ping the real world from a host on the
    192.168.3 network. See if it works.

    -- 
    </chris>
    "Fans of Mozilla's free, open-source Firefox browser make the
    ardent Apple faithful look like a bunch of slackers."
    - Rebecca Lieb at clickz.com
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
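
The two checks from the reply above (routing on the dual-homed box, then the kernel forwarding flag), as an added example that is not part of the original message. It reads the Linux files /proc/net/route and /proc/sys/net/ipv4/ip_forward; the function names and the sample routing table are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight checks for a dual-homed Linux router.
# Constructed sample in /proc/net/route layout (addresses are little-endian hex):
# eth0 on 192.168.2.0/24, eth1 on 192.168.3.0/24, default via 192.168.2.1.
SAMPLE_ROUTES='Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
eth0 0002A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
eth1 0003A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
eth0 00000000 0102A8C0 0003 0 0 0 00000000 0 0 0'

# hex_to_ip 0102A8C0 prints 192.168.2.1 (least-significant byte is the first octet).
hex_to_ip() {
    v=$((0x$1))
    echo "$((v & 255)).$((v >> 8 & 255)).$((v >> 16 & 255)).$((v >> 24 & 255))"
}

# default_gateway [file]: print "iface gateway" for the default route, fail if none.
default_gateway() {
    line=$(awk 'NR > 1 && $2 == "00000000" && $8 == "00000000" { print $1, $3; exit }' \
        "${1:-/proc/net/route}")
    [ -n "$line" ] || return 1
    set -- $line
    echo "$1 $(hex_to_ip "$2")"
}

# connected_ifaces [file]: interfaces that have a directly connected route.
connected_ifaces() {
    awk 'NR > 1 && $3 == "00000000" { print $1 }' "${1:-/proc/net/route}" | sort -u | xargs
}

# forwarding_enabled [file]: succeed only if the kernel flag reads 1.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# preflight [routes-file] [forward-file]: run the checks in order, report failures.
preflight() {
    rc=0
    count=$(connected_ifaces "$1" | wc -w)
    [ "$count" -ge 2 ] || { echo "FAIL: fewer than two connected networks"; rc=1; }
    gw=$(default_gateway "$1") || { echo "FAIL: no default route"; rc=1; }
    [ -z "$gw" ] || echo "default route: $gw"
    forwarding_enabled "$2" || { echo "FAIL: ip_forward is not 1"; rc=1; }
    return $rc
}

# Demo on the constructed sample; on a real router, call preflight with no arguments.
d=$(mktemp -d) && printf '%s\n' "$SAMPLE_ROUTES" > "$d/route" && echo 1 > "$d/fwd"
preflight "$d/route" "$d/fwd"
rm -rf "$d"
```

A passing pre-flight only covers the router itself; the ping from a host on the 192.168.3 network remains the end-to-end test.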
    
