November 22, 2024, 02:13:06 AM

News : LinuxSolved.com Linux Help Community Forum..


Author Topic: gateway and intranet gateway with proxy  (Read 10639 times)

Offline chithirai_r

  • New Member
  • Posts: 3
gateway and intranet gateway with proxy
« on: February 05, 2004, 10:55:30 AM »
Guys i  have searchd entire net i cudn't get the answer plz anyone know abt this setup plz guide immediately.

ithis is my setup. i have redhat 9.0
kernel 2.4.20-8 smp i686(firewall m/c)

gateway redhat 9.0(kernel 2.4.20-8)



i have preconfigured DSL router ip addr-192.168.1.1

and two linux server connectd in local loop

1 gateway server
2. Firewall server

gateway m/c is connect with DSL router
it has 2 NIC card

the first NIC card (eth1)ip-192.168.1.5 ------connected to DSL router ip
add
192.168.1.1

the second NIC card (eth0)ip-192.168.2.1 which is connectd with Firewall
again it also has 2 nic card
 
eth0- 192.168.2.1 -connectd with eth0 of gateway m/c as i said earler

eth1 - 192.168.10.1 this is connect with my all clients.

i can ping from firewall server  to both NIC cards of gateway machine not
the
DSL router ..



i want share my internet to all my clients thro' firewall..

i tried with single m/c as intranet gateway which is working fine

commands i tried is

iptables -F -t nat
iptables -A POSTROUTING -t nat -o 192.168.1.5 -j MASQUERADE
iptables -A FORWARD -i 192.168.10.1 -j ACCEPT



this setup is

when i don t have firewall  now i insert the firewall m/c

trouble startd


Thank you! in advance,

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
gateway and intranet gateway with proxy
« Reply #1 on: February 05, 2004, 01:47:55 PM »
Well..
First tell me why you are using separate firewall machine , I think if you are having not so many clients then having a m/c as firewall and as gateway is good. You just need a good firewall script and routing table and you are up.
Secondly you have specified that you are having proxy in your question but in your main question i haven't find proxy anywhere...  No worry..
BTW.. It is clear from here that b'cause of firewall you are not able to share ur internet on LAN.
If I can see your firewall m/c's firewall script then i can suggest anything further..

Offline chithirai_r

  • New Member
  • Posts: 3
gateway and intranet gateway with proxy
« Reply #2 on: February 05, 2004, 04:01:10 PM »
Reason is i want to block some websites n central mail server support in linux.

The gateway server having mail relay n intrusion detector also.

Earlier i had the same setup in redhat 7.3 it was working fine.now i thought of changing to redhat 9.0

the second intranet server having proxy , mail box which is centralised mail server for my office.

2day the whole day gone waste for me , plz guide as early as possible.. it would be highly appreciated.

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
gateway and intranet gateway with proxy
« Reply #3 on: February 05, 2004, 06:20:51 PM »
So you are saying this is as
Code: [Select]
DSL --> Gateway --> Firewall --> Internal Network Well.. Did you noticed or mentioned that how you gonna share internet from your "Gateway" to your "Firewall " ? Is there any such thing  on the Gateway ? I thing not.

You have to enable port forwarding on your Gateway so that you can share internet from it . to do so
Code: [Select]

iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
Here eth1 is connect to DSL router.
But if you enable port forwarding then you have to use firewall also ... go for "Firestarter" a gui for configuring firewall.. and select appropriate section.
And as you said that your second machine "Firewall" is having proxy server so you will be able to share internet from this configuration.    

BTW.. How many clients you have in your office ?
(Plese don't leave blank lines in your posts)

Offline chithirai_r

  • New Member
  • Posts: 3
gateway and intranet gateway with proxy
« Reply #4 on: February 06, 2004, 05:39:01 AM »
Yep ! U r Corect Ricky.
clients-192.168.10.0-INTRANET-192.168.2.0-GATEWAY--192.168.1.0-DSL
i want to share my share internet to my client machine thro proxy which is connectd in local loop with gateway server.
i have same entries  in my gateway server which is configured like wht u said ...but i can't ping DSL router 192.168.1.1 from my client machine.
wht i supposed to do in my proxy server to forward the same cient ip to gateway.


[/img]

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
gateway and intranet gateway with proxy
« Reply #5 on: February 06, 2004, 09:50:50 AM »
Man.. as far as i know we can't ping anytihing par the proxy server b'cause it is not allowing port forwarding.. If you are able to use net on firewall through gateway then just configure proxy on your firewall as you are already having and you are up..  You can ping your proxy but not your gateway from clients as for clients gateway is "Firewall machine" .