[lug] PPP server is driving me nuts!
D. Stimits
stimits at idcomm.com
Tue Oct 10 22:15:14 MDT 2000
You could just add the masq lines to the end of /etc/rc.d/rc.local (or
appropriate rc.local for distribution). If you don't have a separate
routable/registered ip address for some particular machine, then another
one must masquerade for it, the machines know that only one interface
has a particular ip. If your forward ipchain lines are not working, try
the MASQ accept line prior to the forward DENY line, so the packets will
find an accept statement prior to the deny statement.
Deva Samartha wrote:
>
> Hello,
>
> Setup:
>
> Internet DSL --- | Firewall | -----| PPP Dialup server |
> | ppp0
> |
> dialup line
> |
> | Dialup client | ( W98 )
>
> dialup connection is fine, can ping Dialup client <-> Dialup server but nothing
> beyond.
>
> Internet/lug archive search give as a result that IP_FORWARD needs to be
> enabled on the
> dialup server..
>
> As far as I can see, it is - at least in /proc/sys/net/ipv4/ip_forward is 1
> and the (SuSE ) rc.config has the IP_FORWARD=yes, got rebooted and the
> machine has done masquerading before, so it's in the kernel. But it's NOT
> WORKING!!
>
> Only if I run the masq script it works and I can access the internet from
> the dialup client.
>
> ipchains -P forward DENY
> ipchains -A forward -s 192.168.0.0/255.255.255.0 -j MASQ
>
> But essentially, I do double masquerading with this - once in the firewall,
> and the second time in the Dialup server - I DON'T WANT TO!!!
>
> Could somebody please tell me how I would know if ip_forward is enabled or
> how to run the
> ipchains command to enable ip_forward without doing MASQ if it's necessary?
>
> Thanks,
>
> Samartha
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
More information about the LUG
mailing list