[TriLUG] Linux Routing - why isn't it working?

matt at noway2.thruhere.net matt at noway2.thruhere.net
Fri Sep 5 13:48:46 EDT 2014


> On Fri, 5 Sep 2014, Brian Blater wrote:
>
>> Hi all,
>>
>> I know this has got to be something simple, but I just can't figure out
>> what is wrong.
>>
>> I have an Ubuntu 12.04 server that has two nics. Eth0 connects to the main
>> network and Eth1 connects to a small/private network. Eth0 is on the inside
>> network of a PIX 515e and has internet access. Here's a simple pic:
>>
>> internet --- PIX --- (192.168.9.0/24) --- Ubuntu --- (192.168.8.0/24)
>>
>> The PIX is the default gateway for ubuntu eth0 as well as all the hosts on
>> the .9 network. I have added a route on the PIX to send traffic from the .9
>> network to the IP of the ubuntu box. From the PIX I can ping eth1 of the
>> ubuntu box, but not a device on that .8 network.
>>
>> I've enabled routing on the ubuntu box (ip_forward is set to 1).
>>
>> No other boxes on the .9 network can even ping eth1 on the ubuntu box.
>>
>> What in the world am I missing here? I've done several google searches and
>> all of them point to enabling ip_forward and making sure iptables is not
>> blocking anything. IP tables is currently off on the ubuntu box.
>>
>> Anyone have any ideas?
>
> do the machines you're pinging from have a route to 192.168.8.0/24 or are all
> the pings being sent to the default gw?
>
> Joe
>
The brain fog is clearing away.  I took another look at the diagram and it
reminded me of trying to reach a LAN segment from a VPN interface which
requires routes or LAN translations.

Brian, take a look at these links:
http://allanmcrae.com/2013/09/routing-traffic-with-openvpn/

Specifically, the part about IPTables setup after enabling forwarding, and

http://rbgeek.wordpress.com/2012/12/13/openvpn-server-on-ubuntu-12-04-behind-nat/

the part about looking at the routing table on client machines.
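
The routing-table check raised in this thread, as an added example that is not part of the original messages: a longest-prefix-match lookup showing which first hop a host on the .9 network picks for a .8 address, and which hop the reply takes. All host addresses and table contents are constructed assumptions; the thread gives only the two subnets.

```python
import ipaddress

# Constructed addresses: the thread names only the two subnets, not host IPs.
PIX_INSIDE = "192.168.9.1"    # assumed PIX inside interface
UBUNTU_ETH0 = "192.168.9.2"   # assumed Ubuntu address on the .9 network
UBUNTU_ETH1 = "192.168.8.1"   # assumed Ubuntu address on the .8 network
CLIENT_9 = "192.168.9.50"     # assumed host on the .9 network
DEVICE_8 = "192.168.8.20"     # assumed device on the .8 network

def next_hop(table, dst):
    """Longest-prefix match over (prefix, gateway) pairs.
    Returns the gateway, "on-link" for a connected subnet, or None if no route."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in table:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    return best[1] if best else None

def check_path(src_table, dst_table, src_ip, dst_ip):
    """First hop chosen for the request and for the reply; a ping needs both."""
    return {"request_via": next_hop(src_table, dst_ip),
            "reply_via": next_hop(dst_table, src_ip)}

# Host on .9 as described in the thread: connected subnet plus default route.
client_default_only = [("192.168.9.0/24", "on-link"), ("0.0.0.0/0", PIX_INSIDE)]
# Same host with a static route for the .8 network via the Ubuntu box.
client_with_route = client_default_only + [("192.168.8.0/24", UBUNTU_ETH0)]
# Device on .8 with no gateway configured, and with the Ubuntu box as gateway.
device_no_gateway = [("192.168.8.0/24", "on-link")]
device_with_gateway = device_no_gateway + [("0.0.0.0/0", UBUNTU_ETH1)]

if __name__ == "__main__":
    cases = [("default route only", client_default_only, device_with_gateway),
             ("static route added", client_with_route, device_with_gateway),
             ("device lacks gateway", client_with_route, device_no_gateway)]
    for label, src, dst in cases:
        print(label, check_path(src, dst, CLIENT_9, DEVICE_8))
```

On a real Linux host, `ip route get <address>` reports the next hop the kernel actually selects for that destination.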

