Re: Connecting Wireless Router to a Linux-IP-Masquerading based network

From: B. Joshua Rosen (
Date: 07/07/03

Date: Mon, 07 Jul 2003 09:20:45 -0400

On Sun, 06 Jul 2003 20:05:36 +0000, Sergei Fedorov wrote:

> Did a quick search and couldnt find the answer. Really appreciate your
> help.
> I currently have a local network with my Linux machine doing the
> routing/IP masquerading for other PCs. The setup is like this: eth0 :
> Static IP of my DSL modem
> eth1 :, connected to a switch.
> Other PC's and a Wireless access point all connect to the switch and
> everything works hunky dory.
> Now, to upgrade, I got the latest Wireless router (a+b+g) to replace my
> access point and the problem started here. I dont see a way to connect
> this wireless router seamlessly into my current network. I would still
> like the Linux machine to be connected directly to the dsl modem and be
> the router because I like to telnet/ss into my Linux machine from
> outside. The Wireless router tries to do what my Linux machine is
> currently doing and the manufacturer documentation doesnt provide any
> way to defeat this. Ideally, I want the Wireless router to be a way to
> expand my current network. ie., I want the router to be connected to my
> switch and the 10/100 ports in the router to connect additional
> machines.
> Have you experienced similar issue before and how did you get around it?
> thanks,
> SF91

Connect the wireless router to the DSL modem and let it do all of your
routing and firewall functions. If you want to SSH into your machines all
you have to port forward the SSH ports, I'm doing just that. I have the
default SSH port (22) forwarded to my CVS server and then I used ports
2203-2208 for the other machines on my network, for example 2205 ->, 2206 -> and so on. It's not actually
necessary to connect SSH to more than one machine, you can always ssh in
to one machine and then do an xauth add of the MIT magic cookie when you
rlogin into other machines, but I find it more conveinient to have direct
SSH connections on each machine.

BTW If you have SSH set up then you don't need or want Telnet, but if you
do feel a need to do it you can forward that port also.

The wireless router should be a good enough firewall on it's own but if
you want a belts and suspenders approach you could run it through a Linux
firewall also. In that case just forward port 22 to your firewall machine
and use the xauth add approach to connect to other machines.