Hi Payam, ok, if the dns works from the router, than you have a routing problem. try tcpdump -i eth1 to look what packages are leaving and icoming on your "world device". You get this information by invoking the command above and trying "nslookup www.suse.com" from a client. Greets robert payam payami schrieb:
Hi Robert,
I have win2k for router in our network now and is working well, so , i want to replace it with suse 7.3 I set an dns IP in control center (host name and name server) in Xwindow & set this IP for dns in clients(windows machine) Router can see internet but clients (internal network) that their OS is win2k can't see internet. Also router (suse 7.3) can ping clients IP but clients only can ping eth0(internal network) for router & can't ping eth1(external network) for router when i do this command in client machine : nslookup suse.com i get thie error: can't find servername for address ( the Ip that i set for dns that above told you ) :time out default servers arenot availabe ' ' ' ' ' What can i do?
Thanks for your help, Payam
--- Robert Rottscholl
wrote: Hi Payam,
what about your dns server? You have one? Or do you add an external dns to your client configuration. What does nslookup or dig on a client say? (e.g. nslookup www.suse.com) If these programs can recieve an IP-Adress try to ping.
Ciao ;-)
Robert
payam payami schrieb:
Hi Robert, I did what did you tell me, FW_route &
FW_MASQUERADE &
etc, without set the iptables rule but
UNFORTUNATELY i
can't get result. What can i do?
Thanks for your help, Payam
--- Robert Rottscholl
wrote: Hi Payam, let me repeat what you try to do: You want to
route
the internet requests from the internal (eth0) interface to
the
external interface (eth1). You needn't set the rule you posted. Set FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="eth1" FW_MASQ_NETS="" # to your internal subnet (e.g. 192.168.0.0/24)
Creets
robert
payam payami schrieb:
I want to use suse 7.3 for router & i want to do masquerading. I have 2 net card that one is for internal
network
&
another is for external network. eth0 for internal network eth1 for external network I was setting in
/etc/rc.config.d/firewall2.rc.config
(The options that related to masquerading) and
type
this command in command line
iptables -t nat -A POSTROUTING -j MASQUERADE -o
eth1
Is this any problem with this rule or in my configuration file? Because only router system can see internet and another systems can't see internet How can i solve this problem that another systems (internal network) can see internet?
Thanks for your help, Payam
__________________________________________________
Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up
now.
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to
security@suse.de,
not here
__________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up
now.
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
__________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com