[TriLUG] Linux Routing - why isn't it working?

Brian Blater brb.lists at gmail.com
Fri Sep 5 14:04:21 EDT 2014


I think I see what you're getting at on the client machines, but that is
what I'm trying to avoid (having to add routes to each client for this
network). I really want them to send the packets to the default gw which
would then send the packets to the Linux machine for this other network.


On Fri, Sep 5, 2014 at 1:48 PM, <matt at noway2.thruhere.net> wrote:

> > On Fri, 5 Sep 2014, Brian Blater wrote:
> >
> >> Hi all,
> >>
> >> I know this has got to be something simple, but I just can't figure out
> >> what is wrong.
> >>
> >> I have an Ubuntu 12.04 server that has two nics. Eth0 connects to the main
> >> network and Eth1 connects to a small/private network. Eth0 is on the inside
> >> network of a PIX 515e and has internet access. Here's a simple pic:
> >>
> >> internet --- PIX --- (192.168.9.0/24) --- Ubuntu --- (192.168.8.0/24)
> >>
> >> The PIX is the default gateway for ubuntu eth0 as well as all the hosts on
> >> the .9 network. I have added a route on the PIX to send traffic from the .9
> >> network to the IP of the ubuntu box. From the PIX I can ping eth1 of the
> >> ubuntu box, but not a device on that .8 network.
> >>
> >> I've enabled routing on the ubuntu box (ip_forward is set to 1).
> >>
> >> No other boxes on the .9 network can even ping eth1 on the ubuntu box.
> >>
> >> What in the world am I missing here? I've done several google searches and
> >> all of them point to enabling ip_forward and make sure iptables is not
> >> blocking anything. IP tables is currently off on the ubuntu box.
> >>
> >> Anyone have any ideas?
> >
> > do the machines you're pinging from have a route to 192.168.8.0/24 or are
> > all the pings being sent to the default gw?
> >
> > Joe
> >
> The brain fog is clearing away.  I took another look at the diagram and it
> reminded me of trying to reach a LAN segment from a VPN interface which
> requires routes or LAN translations.
>
> Brian, take a look at these links:
> http://allanmcrae.com/2013/09/routing-traffic-with-openvpn/
>
> Specifically, the part about IPTables set up after enabling forwarding, and
>
> http://rbgeek.wordpress.com/2012/12/13/openvpn-server-on-ubuntu-12-04-behind-nat/
>
> the part about looking at the routing table on client machines.
>
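The two forwarding paths weighed in this thread (clients using only the default gateway versus a per-client route to 192.168.8.0/24), traced with longest-prefix matching as an added example that is not part of any poster's message. The host addresses and interface names are constructed, since the thread gives only the two /24 networks; the trace also flags any hop where a router must send a packet back out the interface it arrived on.

```python
import ipaddress

# Constructed addresses and interface names; the thread gives only the two /24s.
PIX, UBUNTU_ETH0, DEVICE = "192.168.9.1", "192.168.9.10", "192.168.8.20"
ISP = "203.0.113.1"  # placeholder upstream next hop for the PIX default route

# Route entries: (prefix, next hop or None when directly connected, interface)
TABLES = {
    "client": [("192.168.9.0/24", None, "eth0"), ("0.0.0.0/0", PIX, "eth0")],
    "pix": [("192.168.9.0/24", None, "inside"),
            ("192.168.8.0/24", UBUNTU_ETH0, "inside"),  # the route added on the PIX
            ("0.0.0.0/0", ISP, "outside")],
    "ubuntu": [("192.168.9.0/24", None, "eth0"), ("192.168.8.0/24", None, "eth1"),
               ("0.0.0.0/0", PIX, "eth0")],
}
OWNER = {PIX: "pix", UBUNTU_ETH0: "ubuntu"}  # which router owns a next-hop address


def lookup(table, dst):
    """Longest-prefix match; returns (next_hop_or_None, interface)."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh, ifc) for p, nh, ifc in table
            if addr in ipaddress.ip_network(p)]
    _, nh, ifc = max(hits, key=lambda h: h[0].prefixlen)
    return nh, ifc


def trace(src, dst, tables=TABLES, max_hops=8):
    """List of (node, egress interface, sent to, hairpin?) from src toward dst."""
    hops, node, ingress = [], src, None
    for _ in range(max_hops):
        nh, egress = lookup(tables[node], dst)
        target = nh or dst  # connected route: deliver straight to the destination
        hops.append((node, egress, target, ingress == egress))
        node = OWNER.get(target)
        if node is None:  # reached the destination or left the modelled network
            break
        ingress = lookup(tables[node], target)[1]  # interface the packet arrives on
    return hops


def with_client_route(tables=TABLES):
    """Copy of the tables where the client has its own route to 192.168.8.0/24."""
    extra = ("192.168.8.0/24", UBUNTU_ETH0, "eth0")
    return {**tables, "client": tables["client"] + [extra]}


if __name__ == "__main__":
    for label, t in (("default gw only", TABLES), ("per-client route", with_client_route())):
        print(label, trace("client", DEVICE, t))
```

With only the default gateway on the client, the PIX hop is flagged because the packet enters and leaves on the inside interface, so that is the hop to check on the firewall; with the per-client route the packet never touches the PIX.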

