IP Masquerading, adding a network
I recently set up a network of machines using the private IP addresses
192.168.1.xxx. All machines are running Debian, a mix of bo, hamm, and
slink. One slink machine which has two ethernet interfaces, 192.168.1.1
and <a real non-private IP>, has the ipmasq package installed and is the
gateway to the internet.
The ipmasq package dropped right in and everything works fine with no
special configuration at all--the defaults just work. All the machines
on that network reach the internet, no worries.
After the fact I added a second network using the 192.168.2.xxx
addresses. One other machine (not 192.168.1.1) has two interfaces and
gateways between the two internal networks. The necessary routes have
been added so that all the machines on each internal network can see all
the machines on both internal networks.
The exception is, wouldn't you know, the IP masquerading gateway
(192.168.1.1). It will not respond to a ping from a machine on the
192.168.2.0 network, and if I try to ping from 192.168.1.1 to a
192.168.2.xxx machine it tells me "operation not permitted."
I've read the ipfwadm man page, the scripts in /etc/ipmask/rules/,
the IP Masquerading How-To, visited web pages, etc., and it's still a
mystery to me. Nowhere do I find (nor have I been able to deduce) a
straightforward answer to the question:
How do I tell the IP Masquerading gateway to treat packets from machines
on the 192.168.2.0 network the same as it treats packets from machines
on the 192.168.1.0 network?
Thanks very much for any insight anyone can provide.
--
What's All the Buzz About Linux?
http://www.ourmanpann.com/linux/
Reply to: