Vá: home network behind a firewall/router
2007/11/4, Douglas A. Tutty <dtutty@porchlight.ca>:
> On Sat, Nov 03, 2007 at 07:46:20PM +0100, P?l Cs?nyi wrote:
> >
> > I have a Cable Modem connection to my ISP.
> >
my ISP
|
Cable Modem connection to my ISP
|
eth3
get an IP address
from dhcp server of my ISP
10.91.0.xxx
|
PC box-1 firewall/gateway
=========================
eth1 eth2
192.168.1.1 192.168.2.1
| |
LAN DMZ
| |
eth0 eth0
192.168.1.98 192.168.2.100
| |
PC box-2 PC box-3
desktop server
Debian Etch Debian Etch
=========== ===========
> > I can connect from the PC box-1 to the internet,
> > but can't connect from LAN & from DMZ to the internet.
> >
> > I use shorewall on all boxes, but even when I do
> > shorewall clear on all boxes, I still can't to connect to the
> > internet from LAN & DMZ.
> >
> > On the firewall/gateway I have dhcp server which give
> > IP addresses to box-2 & box-3.
> >
> > I set up on both box-2 & box-3 the dhcp client to get the
> > domain-name-servers, and have these servers in resolv.conf.
>
> Did you enable packet forwarding on box 1?
Yes I did.
/proc/sys/net/ipv4/ip_forward
is 1
> Is shorewall masquerading for you?
No, I have not a public IP address yet, so I don't need it.
> Add IP numbers to your diagram.
See above!
> Test by pinging by IP number and worry about DNS once IP works.
from PC box-1 ping PC box-2
ping 192.168.1.98
OK
from PC box-1 ping PC box-3
ping 192.168.2.100
OK
from PC box-1 ping www.google.com
ping www.google.com
OK
from PC box-2 ping PC box-1
ping 192.168.1.1
OK
from PC box-2 ping www.google.com
ping www.google.com
ping: unknown host www.google.com
from PC box-3 ping PC box-1
ping 192.168.1.1
OK
from PC box-3 ping www.google.com
ping www.google.com
ping: unknown host www.google.com
I set up on PC box-1 & box-2 & box-3 dhcpclient so
they get domain-name-servers of my ISP correctly.
I can see the correct nameservers in resolv.conf
of both boxes.
I don't understand what is missing here more?
--
Regards, Paul Csanyi
http://www.freewebs.com/csanyi-pal/index.htm
Reply to: