Very Computer

I have a problem. I have a network with a Linux box (2.0 kernel Red Hat
5.1) acting
 a firewall to the internet.

On the inside of this firewall I have one private
network I'll call network "A" that has a direct connection to the linux
box.  It's packets
are masqueraded properly and anyone on that net can surf the
internet.

I have another network I'll call network "B" that connects to network
"A" through a Novell server acting as a router. People on network "B"
can see everything
on network "A" including the linux box.

They can even reach the outside address of the linux box but they
cannot reach anything
on the internet even though I set up the same
masquerading statements for their network as I did for network "A"
(i.e. ipfwadm -F -a masq -S<network_B> -D0.0.0.0/0).

Any ideas?

Keith.

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

Hello,

I understand that hosts on network 'B' have Novell server (router) setup as
the default gateway?

Under this assumption you need to make sure that Novell box has Linux
machine as it's default gateway.

PS. I'm not that savvy on the Novell these days, but how can you set it up
as a router?

Good luck!

Quote:> I have a problem. I have a network with a Linux box (2.0 kernel Red Hat
> 5.1) acting
>  a firewall to the internet.

> On the inside of this firewall I have one private
> network I'll call network "A" that has a direct connection to the linux
> box.  It's packets
> are masqueraded properly and anyone on that net can surf the
> internet.

> I have another network I'll call network "B" that connects to network
> "A" through a Novell server acting as a router. People on network "B"
> can see everything
> on network "A" including the linux box.

> They can even reach the outside address of the linux box but they
> cannot reach anything
> on the internet even though I set up the same
> masquerading statements for their network as I did for network "A"
> (i.e. ipfwadm -F -a masq -S<network_B> -D0.0.0.0/0).

> Any ideas?

> Keith.

> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.

To set a Novell server up as a router at the system propmpt load
inetcfg and select "Protocols", "TCP/IP" and set "IP Packet Forwarding"
to "Enabled (Router)". Then set up your routing table.

On my "B" network I have the workstations set with the Novell server
set as the gateway and on the Novell server I have a default route set
to the Linux machine. I also have a route on the Linux machine back to
the "B" network with the Novell server as the gateway. I can ping from
the "B" network all the way to the outside address of the Linux box but
I can't reach the Internet from the "B" network. But I can from the "A".

Keith

Quote:> Hello,

> I understand that hosts on network 'B' have Novell server (router)
setup as
> the default gateway?

> Under this assumption you need to make sure that Novell box has Linux
> machine as it's default gateway.

> PS. I'm not that savvy on the Novell these days, but how can you set
it up
> as a router?

> Good luck!

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

Quote:> (i.e. ipfwadm -F -a masq -S<network_B> -D0.0.0.0/0).

I thought the command should be:

        ipfwadm -F -a m -S <network_B> -D 0.0.0.0/0

Does it matter whether you use 'm' or 'masq'?

Julian Tibble

The man page says -m but I don't think it matters. According to
ipfwadm -F -l it says it should accept and masquerade packets for
network "B" but when I do a ipfwadm -M -l it never shows any active
masquerades for network "B". I'm stumped.

Keith.

Quote:> > (i.e. ipfwadm -F -a masq -S<network_B> -D0.0.0.0/0).

> I thought the command should be:

>    ipfwadm -F -a m -S <network_B> -D 0.0.0.0/0

> Does it matter whether you use 'm' or 'masq'?

> Julian Tibble

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.