Tinothy -- To put it plainly, if you did everything right, then the system
would work. Since it doesn't, either something is set wrong or there is
something unusual about your setup that you have not mentioned (for
example, that your ISP uses private-range addresses on the external side),
something that the stock How-Tos do not cover.
But to help you spot what it is, we need the details.
The LEAF guide for posting troubleshooting requests spells out the details
here, but basically we need to know
what ping-failure message you see when trying to ping the ISP's
gateway (read the LEAF FAQs for details on the variety
of ping failures)
what your external IP address/netmask is, and what the gateway
IP address/netmask is (output of "ip addr show" is a
handy way to report this)
how your routing table is set up (output of "netstat -nr" is
the nicest way to present this)
what specific ipchains rules you have in place that might
affect the external connection (output of "ipchains
-L -n -v" is hard to read but VERY complete). The
default DENY policies are much less important than
the specific rules that are in place, as set up with
either Charles' built-in stuff or Seawall (you don't
specifically say which you are using, and I can't
guess if "exactly as specified ... with Rich Lohman's
How-to" means you are also running Seawall).
how the system physically connects to the ISP (details count
here: for example, if you are connecting via a so-
called "DSL modem", be sure you are NOT using a
crossover cable)
That probably covers what we need to see, but others might spot something
I've missed. Oh, one last thing -- when you say "I can ping the router
gateway as well as my external IP address", what do you mean by "the router
gateway"? Its *internal* address? Or something else?
At 11:35 PM 6/17/01 -0500, Timothy H. Schilbach wrote:
>Hey there,
>
> I am using the newest Eiger2Beta from Charles Steinkuehler's site. I
>have set it up exactly as specified on the leaf site with Rich Lohman's
>How-to at:
>http://nw-hoosier.dyndns.org/rlohman/linux/eiger-contents.html
>
> The main problem I have is, when everything is connected I can ping
>all of my internal hosts just fine. I can ping the router gateway as
>well as my external IP address. When I try to ping my ISP gateway, I get
>a host cannot be reached error. I cannot browse anywhere on the internet
>either. Also, when I try and use the weblett that shows log statistics
>through your browser, I get page cannot be accessed. This is very weird.
>
> I am using a standard 2 NIC configuration with my outside assigned
>static IP. I am using DHCPD for the internal network for ease of use for
>my Windoze LAN users. I have double and tripple checked my connections.
>I know the connections are correct, I know the NIC's are working, I can
>ping all my internal hosts as well as the router gateways. I cannot
>route an packets beyond the router itself though.
>
> I am an infant to IPCHAINS still, but I did a quick check with:
>ipchains -L and I found that all rules are setup to deny by default. Am
>I poking at the wrong area maybe? I also noticed that my Hosts.deny is
>set to paranoid as well as ALL:ALL and the only entry in hosts.allow is
>for sh-httpd on 192.168.1.0.
>
> I would appreciate any advice anyone could give me. I am stuck at the
>end of my setup and yet I my network is so secure, that nothing can
>route either in or out of the network. I was hoping for at least a few
>ports for basic internet browsing. Please send help soon.
--
------------------------------------"Never tell me the odds!"---
Ray Olszewski -- Han Solo
Palo Alto, CA [EMAIL PROTECTED]
----------------------------------------------------------------
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user
