Re: [SLE] Routing issues with eth1(internal) & eth2(external)
From: Ken Schneider (suse-list_at_bout-tyme.net)
Date: 05/18/05
- Previous message: Merton Campbell Crockett: "Re: [SLE] Tiny fonts again - More info"
- In reply to: Merton Campbell Crockett: "Re: [SLE] Routing issues with eth1(internal) & eth2(external)"
- Next in thread: Mark A. Taff: "Re: [SLE] Routing issues with eth1(internal) & eth2(external)"
- Reply: Mark A. Taff: "Re: [SLE] Routing issues with eth1(internal) & eth2(external)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: suse-linux-e@suse.com Date: Wed, 18 May 2005 10:23:41 -0400
On Wed, 2005-05-18 at 06:42 -0700, Merton Campbell Crockett wrote:
> On Tue, 17 May 2005, Mark A. Taff wrote:
>
> > All,
>
> > I sure hope someone can enlighten me. I am having a weird
> > routing issue. Everything works OK, except I can't access the the
> > external interface from a machine on my internal network.
>
>
> In addition, you have a weird network configuration.
>
>
> > See network map pdf at http://www.marktaff.com/network.map.pdf
> > See output of `ifconfig` and `route` below.
> >
> > >From any internal (192.168...) machine, I can't ping/ssh liberty1-ext, but I
> > can ping/ssh to liberty1-int.
> >
> > >From each internal machine, I can reach all the other internal machines, and
> > the router's external ip, but not liberty1's external ip.
There is no need to reach the router's external IP (internally), only
the internal IP. Let the router do the job it was designed for, route
traffic.
> >
> > >From outside my private network, I can ping/ssh liberty1-ext just fine.
> >
> > I want to be able to access the machine
Which one, liberty1? You just stated that you can ping/ssh liberty1-ext.
> via liberty1-ext both at home and
> > while traveling, yet still be able to access the private network from
> > liberty1 via liberty1-int interface.
>
>
> > Could the problem be my hub? Do I need to replace it with a switch, or
> > perhaps a separate router? Seems like the hub should work?
>
>
No. The problem seems to be in your logic. If you can access liberty1
from the internet you can then access all of the internal machines via
eth1
Let the router handle the connection to liberty1 via port forwarding. I
believe the d-link can handle this, I know linksys routers can.
port forward ssh from the router to liberty1-int but no other ports,
unless needed for other services and then you can setup a vpn tunnel to
further protect any traffic between your internet connection and
liberty1. Then you can eliminate liberty1-ext interface and the hub by
having the cable/modem connect directly to the d-link wan port.
-- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 "The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
- Previous message: Merton Campbell Crockett: "Re: [SLE] Tiny fonts again - More info"
- In reply to: Merton Campbell Crockett: "Re: [SLE] Routing issues with eth1(internal) & eth2(external)"
- Next in thread: Mark A. Taff: "Re: [SLE] Routing issues with eth1(internal) & eth2(external)"
- Reply: Mark A. Taff: "Re: [SLE] Routing issues with eth1(internal) & eth2(external)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
