[Shorewall-users] Client Behind Router can't get internet & cannot do fowarding...

Tom Eastep teastep at shorewall.net
Sun Mar 20 08:13:44 PST 2005


Erik wrote:

> i got 3 nic
> 
> eth0:222.222.222.222
> netmask:255.255.255.252
> gateway:222.222.222.221
> 
> eth1:10.10.10.254
> netmask:255.255.255.0
> gateway:blank
> 
> eth2:10.10.11.254
> netmask:255.255.255.0
> gateway: blank
> 
> 
> i'm running redhat9, and shorewall2.2.2
> 
> eth0 connected to dsl modem ( static ip )
> eth1 connected to d-link router ( for office network )
> eth2 connected to hub/switch ( for DMZ )
> 
> my d-link conf:
> wan setting
> ip:10.10.10.1
> netmask:255.255.255.0
> gateway:10.10.10.254
> 
> d-link office client is using dhcp:
> ip:192.168.0.1
> netmask:255.255.255.0
> 
> I got 2 big problem after running shorewall:
> 
> 1) forward my static ip ( 222.222.222.222 ) to my
> local webserver at DMZ area ( 10.10.11.10 ) at port
> 80. my lan disallow to 10.10.11.10 but have to use
> 222.222.222.222 to access the webserver. but i failed
> to do this...dont know what is the problem

I'm sorry -- from your description, I don't understand what problem you
are seeing. And given that you have not told us one single thing about
your Shorewall configuration, I don't know how you expect us to help you.

> 
> 2) office network cannot get the internet from d-link
> router. but when i connect the eth1 directly to a
> single pc, yes i can get the internet.
> 

Do you have the proper routes to the office network set up on your firewall>

> 
> glad if there is a help

Please see http://shorewall.net/support.htm#Guidelines for the
information that we need to diagnose these sorts of problems.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key


More information about the Shorewall-users mailing list