i made a typo: firewall-1 and i have made the following changes in /etc/rc.config: ip_forward= yes->no should be: ip_forward= no->yes (i turned it on, not off) : -----Original Message----- : From: jeric [mailto:jeric@mmcable.com] : Sent: Monday, August 13, 2001 3:19 AM : To: suse-linux-e@suse.com : Subject: [SLE] ip masquerading: internal ping each other but not : internet : : : I have 3 machines: firewall-1, linux-1, and win2k-1. linux-1 and : win2k-1 can ping each other and can ping firewall eth1 (local IP : 192.168.0.1) and firewall-1 eth0 (cable modem IP, DHCP). But, : linux-1 and win2k-1 cannot ping the internet (i have tried : www.google.com and 216.239.35.100, neither work) : On firewall-1 I have tried it with the firewall off too, but the : same thing happens. I have a default install of SuSE pro 7.0 on : firewall-1 and i have made the following changes in /etc/rc.config: : TYPO: ip_forward= yes->no : permission_security= easy local -> secure local : passwd_use_cracklib= no->yes : start_pcmcia= yes->no (its a desktop) : start_httpd= yes->no : start_portmap= yes->no : check_inittab= yes->no : fqhostname= linux.local -> newname.local (and i tried just 'newname') : : I tried the following both on and off, neither worked: : : start_named= no->yes :when this was set to yes (i tried it both : ways) i also had the following: : nameserver= "" -> 1.2.3.4 2.3.4.5 5.6.7.8 (they were the : 3 DNS server ip's from my cable provider) : searchlist= local -> myisp.com : : : For firewall-1 /etc/rc.config.d/rc.firewall.config i set the following: : : 2(int) eth0 : 3(world) eth1 : 5(route) yes : 6(masq) yes : 12(dhclient) yes : -the rest are the defaults : : On Linux-1 i set the ip address for static local (192.168.0.2) : and a default install with office. no changes to rc.config : except what yast changed when i set up the NIC. : : On win2k-1 i set the ip (192.168.0.3) mask (255.255.255.0) and : gateway (192.168.0.1 -firewall-1 eth1) : : i have the wiring as follows: : cable modem -> firewall-1 eth0 | firewall-1 eth1 -> switch -> linux-1 eth0 : ... : switch -> win2k-1 : : I have tried with and without DNS set up on the firewall-1 box, : but neither way made any changes. can someone pleas help? what : do i need to do to get the internal to see the internet? I have : done alot of searching on the internet, but most was how to do it : without SuSEfirewal and without other SuSE config options. : : thanks in advance.