Your email address [EMAIL PROTECTED] just bounced - user unknown.
-------- Original Message --------
Subject: Re: [SLUG] simple network questions . How to add a route to connect to a different class C network ie "can't connect from 10.0.0.x to 192.168.0.x"
Date: Mon, 09 Aug 2004 11:08:08 +1000
From: Phil Scarratt <[EMAIL PROTECTED]>
Organization: Draxsen Technologies
To: The Salisburys <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
The Salisburys wrote:
Thanks for your effort Dave & Phil
heres the info
I'll post to the list latter
doc for dos
txt for linux
Don't worry about the docs.
As Dave suggested, you probably need to post the results of iptables -t nat -n -L
In any case, I would try the following: - on 192.168.0.1 run the following to clear all firewall rules:
# Make sure the chains are empty iptables -F iptables -X iptables -Z
# Set the default policy... iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT
- now do the routing and so on as before. You should see ping's work from 10.0.0.x to 192.168.0.x and vice-versa.
Note that this completely opens the machine. This is why I said in the last email, it all depends on what level of security you want between the 192.168.0.x and the 10.0.0.x networks. Remember both networks are protected by the 10.0.0.x firewall. If you are running a DMZ (de-militarised zone) type situation, where the 10.0.0.x machines run services that are intented for world (internet) access), then you probably want just as strong a firewall on the 192.168.0.1 machine blocking access from 10.0.0.x to 192.168.0.x. It boils down to your needs. If you want more info do a google for dmz.
Fil
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
