Re: Linux Rh5.2 as a Gateway

Mon, 29 Mar 1999 12:53:42 -0500 

If I understand correctrly what you want to do, you need to run IP
Masquerading, despite your thinking you do not.

You write:
>I do not want any client to be visible to the outside, so no need for
>masquerading and stuff like that. I only want to give the clients access to
>the internet.

These two statements are inconsistent. To give subnet-10 clients access to
the Internet, you need to run IP Masq on the gateway. To keep them from
being "visible," you need either to put restrictions into the IP Masq setup,
run a firewall, or both. (If your LAN had "real" IP addresses, not subnet-10
addresses, you would only need IP forwarding for access, but you'd still
need firewalling to block "visibility" from the outside.)

And BTW, though you say you don't run any route commands, your rc scripts
must be running them or the Linux box wouldn't be able to ping out to the
Internet (or, probably, to the LAN). You can check what routes are set up
with "route -n".

At 07:14 PM 3/29/99 +0200, Jarmo Paavilainen wrote [abridged]:
>I'm trying to make a Linux (Redhat 5.2) to work as a gateway.
>The question is:
>Do I need anything else than ip-forwarding to make a gateway?
>E      10...## Clients (Win95/98 and NT)
>
>I do not want any client to be visible to the outside, so no need for
>masquerading and stuff like that. I only want to give the clients access to
>the internet.
>
>I can ping all computers (both intern and extern) and routers from my Linux
>box. So that's ok. I can also ping all client from any client, including the
>Linux box (at 10.0.0.200). Ive configured my clients to use 10...200 as
>their gateway.
>
>But I can _not_ ping anything on the extern network from any client.
>
>What I believed was that its enough to have ip-forwarding on to do this,
>obviously I was wrong.
>
>I do not run any "ipfwadm" commands. All is forwarded as default anyway,
>right?
>I do not run any "route" or any other commands. No need to do, right?

------------------------------------"Never tell me the odds!"---
Ray Olszewski                                        -- Han Solo
762 Garland Drive
Palo Alto, CA  94303-3603
650.328.4219 voice                              [EMAIL PROTECTED]        
----------------------------------------------------------------

Reply via email to