Mailinglist Archive: opensuse (5100 mails)
| < Previous | Next > |
Re: [SLE] HowTo connect dhcpd and dhcp-client
- From: Leendert Meyer <leen.meyer@xxxxxxx>
- Date: Mon, 7 Jun 2004 15:25:52 +0200
- Message-id: <200406071525.53105.leen.meyer@xxxxxxx>
On Monday 07 June 2004 11:26, Ulrich Leopold wrote:
> On Mon, 2004-06-07 at 09:59, Leendert Meyer wrote:
> > On Monday 07 June 2004 08:29, Ulrich Leopold wrote:
> > > On Mon, 2004-06-07 at 03:03, Leendert Meyer wrote:
> > > > BTW, can you setup a static ip# on the client?
> > >
> > > When I log in from the client on the server via ssh it works with a
> > > static ip#. But nothing else.
> >
> > Not even ping? Ping host -> client, ping client -> host?
...
> Now I do not know what is wrong?
>
> Ping works with static address and dynamic address.
> ssh works also with both.
Huh? :)) So the dhcp setup works already?! Great.
Then we can move on to the firewall. Use YaST -> Security -> Firewall. I
included some variables from /etc/sysconfig/SuSEfirewall2, but YaST should
set them up allright. They are in case of trouble to compare against.
The following variables matter for SuSEfirewall2
*** For the server:
FW_DEV_EXT="eth-id-xx:xx:xx:xx:xx:xx"
FW_DEV_INT="eth-id-yy:yy:yy:yy:yy:yy"
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_NETS="0/0"
FW_PROTECT_FROM_INTERNAL="no"
FW_SERVICE_AUTODETECT="yes"
FW_SERVICE_AUTODETECT="yes": means the firewall should detect some services,
e.g. dhcp server, and enable them automatically.
Start YaST -> Security -> Firewall:
*) select the external and internal interfaces
ifconfig shows the mac address (hw addr)
that is used to distinguish eth devices
*) perhaps enable/disable some services (does not matter)
*) Firewall features:
[x] Forward traffic and do masquerading
[ ] Protect from internal network
I believe these do not matter ATM:
[x] Protect all running services
[x] Allow traceroute
[ ] Treat IPsec traffic as internal
*) Logging options:
Your choice. Default is good.
*** For the client:
basic settings should be *fine*.
Perhaps only set the external interface
FW_DEV_EXT="eth-id-zz:zz:zz:zz:zz:zz"
That should get you on the net.
Cheers,
Leen
> On Mon, 2004-06-07 at 09:59, Leendert Meyer wrote:
> > On Monday 07 June 2004 08:29, Ulrich Leopold wrote:
> > > On Mon, 2004-06-07 at 03:03, Leendert Meyer wrote:
> > > > BTW, can you setup a static ip# on the client?
> > >
> > > When I log in from the client on the server via ssh it works with a
> > > static ip#. But nothing else.
> >
> > Not even ping? Ping host -> client, ping client -> host?
...
> Now I do not know what is wrong?
>
> Ping works with static address and dynamic address.
> ssh works also with both.
Huh? :)) So the dhcp setup works already?! Great.
Then we can move on to the firewall. Use YaST -> Security -> Firewall. I
included some variables from /etc/sysconfig/SuSEfirewall2, but YaST should
set them up allright. They are in case of trouble to compare against.
The following variables matter for SuSEfirewall2
*** For the server:
FW_DEV_EXT="eth-id-xx:xx:xx:xx:xx:xx"
FW_DEV_INT="eth-id-yy:yy:yy:yy:yy:yy"
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_NETS="0/0"
FW_PROTECT_FROM_INTERNAL="no"
FW_SERVICE_AUTODETECT="yes"
FW_SERVICE_AUTODETECT="yes": means the firewall should detect some services,
e.g. dhcp server, and enable them automatically.
Start YaST -> Security -> Firewall:
*) select the external and internal interfaces
ifconfig shows the mac address (hw addr)
that is used to distinguish eth devices
*) perhaps enable/disable some services (does not matter)
*) Firewall features:
[x] Forward traffic and do masquerading
[ ] Protect from internal network
I believe these do not matter ATM:
[x] Protect all running services
[x] Allow traceroute
[ ] Treat IPsec traffic as internal
*) Logging options:
Your choice. Default is good.
*** For the client:
basic settings should be *fine*.
Perhaps only set the external interface
FW_DEV_EXT="eth-id-zz:zz:zz:zz:zz:zz"
That should get you on the net.
Cheers,
Leen
| < Previous | Next > |