Re: Router--IPCOP--Switch--LAN
- From: Pascal Hambourg <boite-a-spam@xxxxxxxxxxxxxxx>
- Date: Wed, 24 Jan 2007 13:06:01 +0100
Hello,
x25 a écrit :
My network is this: Router--eth1(IPCOP)eth0--Switch--LAN
The IPCOP have two interfaces eth1 to router and eth0 to switch.From the LAN dont arrive to router and havent exit to internet.
From the Lan arrive to IPCOP and eth0 but dont arrive to eth1.
Are you sure of this (did you check with tcpdump, (t)ethereal/wireshark or another packet sniffer) ? Couldn't it be that replies from the router or the internet don't arrive to the IPCOP ?
From the IPCOP arrive to all sites, internet, LAN.
1) Router Comtrend 536:
* Formed like multiposition
* IP to acces to router: 192.168.1.1 y la 192.168.2.1
Why two addresses ? And specifically, why 192.168.1.1, which is supposed to belong to the LAN ?
2) Ipcop (Green+Red):
* Interface RED:
eth1: 192.168.2.5
GW: 192.168.2.1
* Interface GREEN:
eth0: 192.168.1.5
Does the IPCOP do masquerading or source NAT for the LAN on the RED interface ?
If no, requests from the LAN will arrive at the router with their original 192.168.1.x source address but the router will be unable to send the replies back because it has not the correct route to this destination.
To fix this :
- enable masquerading or source NAT on the IPCOP on the RED interface
or
- add a static route to the LAN subnet (192.168.1.x) via gateway 192.168.2.5 (the IPCOP RED interface address)
and in any case :
- remove the address 192.168.1.1 on the router. Such addresses should only be used on the GREEN side.
.
- References:
- Router--IPCOP--Switch--LAN
- From: x25
- Router--IPCOP--Switch--LAN
- Prev by Date: Router--IPCOP--Switch--LAN
- Next by Date: Re: How to block fragmented UDP packets
- Previous by thread: Router--IPCOP--Switch--LAN
- Next by thread: Adding new SCSI Hard disk
- Index(es):
Relevant Pages
|
