standalone firewall connections
From: Kirby Clements (kpc_at_floweb.net)
Date: 07/22/03
- Previous message: Keith Morse: "RE: VPN"
- Next in thread: Edward Croft: "Re: standalone firewall connections"
- Reply: Edward Croft: "Re: standalone firewall connections"
- Reply: Michael Gargiullo: "Re: standalone firewall connections"
- Reply: Rodolfo J. Paiz: "Re: standalone firewall connections"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: redhat-list@redhat.com Date: Tue, 22 Jul 2003 12:26:08 -0700
This is an issue of connections in general, being that I don't even
have the firewall turned on yet.
The new standalone firewall box I have built is now connecting via PPP
with wvdial, a great little tool.
The firewall, be it shorewall or if I just decide to use ipchains with
lokkit, is off.
There will be approximately 25 Windows NT machines behind this linux
box, all of them feeding off the PPP connect over a 56K modem.
Only one of those NT machines has a static IP address - the rest are
all being assigned (by Exchange I guess) 192.168 addresseses.
That same NT server machine with a static IP is the mail server, and
serves IIS and Exchange, offering UDP connects and so forth internally,
while letting the entire network get/send mail.
I have assigned the linux firewall a 192.168.0.0 address, being that I
don't see that address taken on the network. My issue is that even with
the firewall off, I can't get a connection with the other machines.
Granted this is a scenario b/c I have been trialing this on my own
network first, so I don't take down the actual NT network.
I am using the internet services DNS servers, and have assigned a
machine of mine a 192.168.0.1 address.
The ethernet on the firewall is configured with no gateway since I have
read PPP does not need one ( I tried it the other way but still no luck
) and like I stated, the linux box is connecting fine. I just cannot
seem to get any of my other machines with 192.168 addresses to connect
via their ethernet to the linux box's ethernet, via a dumb hub.
I now know I need to masquerade the packets on the network, since they
are 192.168 addresses. I have set that up in /etc/sysctl.conf.
When I try to connect from a macintosh or windows box, using the linux
PPP 56K connect, and using the internet services DNS info, I get
nothing.
A "dig" either gives me "operation timed out" or "host is down". So,
after 10 gruelling hours last night, I am trying to figure out what to
do.
I have also gone to the point to put client machines 192.168 addresses
and names in the /etc/hosts file of the linux box, thinking that might
be the trick.
What else I have noticed is that in the linux logs, the dialup company
used by the internet service (outsourced dialup service) is assigning
random DNS server IP's to the linux box. Is this the issue?
I will stop here b/c obviously this is enough info on this issue at the
moment. Would purchasing a static IP for the linux box help?
What am I not doing? I have now got 24 hours to find out :)
Kirby
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
- Previous message: Keith Morse: "RE: VPN"
- Next in thread: Edward Croft: "Re: standalone firewall connections"
- Reply: Edward Croft: "Re: standalone firewall connections"
- Reply: Michael Gargiullo: "Re: standalone firewall connections"
- Reply: Rodolfo J. Paiz: "Re: standalone firewall connections"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
