> 10.0.0.1: route -n > 10.0.0.1: iptables -L > 192.168.0.1: route -n > 192.168.0.1: iptables -L
The four outputs:for those still interested............ what we are basically trying to achieve is to have all of 10.0.0.x accesible to 192.168.0.x & viz versa. & if possible internet access via one broadband connection.(with 1 NAT) I only have half of it working.... total internet access , but by 2 NAT proccesses on each network & not total access between 10.0.0.x & 192.168.0.x Kernel IP routing table #10.0.0.1 Destination Gateway Genmask Flags Metric Ref Use Iface 172.31.196.24 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.0.0 10.0.0.2 255.255.255.0 UG 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 172.31.196.24 0.0.0.0 UG 0 0 0 ppp0 Kernel IP routing table #192.168.0.1 Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth1 Chain INPUT (policy DROP) #10.0.0.1 iptables -L target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state NEW Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Lokkit-0-50-INPUT (0 references) target prot opt source destination ACCEPT udp -- dns2.nsw.bigpond.net.au anywhere udp spt:domain dpts:1025:65535 ACCEPT udp -- dns1.nsw.bigpond.net.au anywhere udp spt:domain dpts:1025:65535 Chain INPUT (policy DROP) #192.168.0.1 iptables -L target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state NEW Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT) target prot opt source destination Thanks to Phil for your help > > > > A/ 192.168.0.1 > 10.0.0.1 # YES/yes - Always > > B/ 192.168.0.1 > 10.0.0.2 # YES/yes - Always > > C/ 10.0.0.1 > 10.0.0.2 # YES/no - EXCEPT when 2nd NAT > > applied > > D/ 10.0.0.1 > 192.168.0.3 # NO/yes - EXCEPT when 2nd NAT > > applied > > E/ 10.0.0.1 > 192.168.0.1 # YES/no - BUT ONLY when route is > > applied > > > > I find C interesting ... can't ping a gateway in its own network when... ! > > 10.0.0.2 a "gateway" but not actually defines anywhere as such. > > IE : 10.0.0.x defines 10.0.0.1 as a gateway, > > 192.168.0.x defines 192.168.0.1 as a gateway, > > 192.168.0.1 defines 10.0.0.1 as a gateway, > > > > > > I assume you are using iptables for NAT. We need to know what rules are > set and the routes on both 10.0.0.1 and 192.168.0.1. What is the output of: > > 10.0.0.1: route -n > 10.0.0.1: iptables -L > 192.168.0.1: route -n > 192.168.0.1: iptables -L > > Fil > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
