On Wed, 2005-05-18 at 06:42 -0700, Merton Campbell Crockett wrote:
On Tue, 17 May 2005, Mark A. Taff wrote:
All,
I sure hope someone can enlighten me. I am having a weird routing issue. Everything works OK, except I can't access the the external interface from a machine on my internal network.
In addition, you have a weird network configuration.
See network map pdf at http://www.marktaff.com/network.map.pdf See output of `ifconfig` and `route` below.
From any internal (192.168...) machine, I can't ping/ssh liberty1-ext, but I can ping/ssh to liberty1-int.
From each internal machine, I can reach all the other internal machines, and the router's external ip, but not liberty1's external ip.
There is no need to reach the router's external IP (internally), only the internal IP. Let the router do the job it was designed for, route traffic.
From outside my private network, I can ping/ssh liberty1-ext just fine.
I want to be able to access the machine
Which one, liberty1? You just stated that you can ping/ssh liberty1-ext.
via liberty1-ext both at home and
while traveling, yet still be able to access the private network from liberty1 via liberty1-int interface.
Could the problem be my hub? Do I need to replace it with a switch, or perhaps a separate router? Seems like the hub should work?
No. The problem seems to be in your logic. If you can access liberty1 from the internet you can then access all of the internal machines via eth1 Let the router handle the connection to liberty1 via port forwarding. I believe the d-link can handle this, I know linksys routers can. port forward ssh from the router to liberty1-int but no other ports, unless needed for other services and then you can setup a vpn tunnel to further protect any traffic between your internet connection and liberty1. Then you can eliminate liberty1-ext interface and the hub by having the cable/modem connect directly to the d-link wan port. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 "The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge