Find the answer to your Linux question:
Results 1 to 5 of 5
Hi I am managing a linux server which is connected to Internet through Broad Band DSL Modem and having a Static IP (59.x.x.x). I've released the http, ftp and ssh ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2008
    Posts
    2

    Smile Linux Routing


    Hi

    I am managing a linux server which is connected to Internet through Broad Band DSL Modem and having a Static IP (59.x.x.x). I've released the http, ftp and ssh ports in the Broand Band Router. My Linux box is having two NICs. One is 192.168.1.50 (For Internet Access aloted by DHCP of BB Modem) and another 10.192.162.50 (For our intranet). Now I am asked to give access to another server in our LAN with ip 10.192.161.5/24 throgh internet. That is we should be able to access the second server throguh my Linux box throgh internet.

    http://59.x.x.x/secondserver/ should pickup the web server at 10.192.161.5

    Pl help me.

  2. #2
    Linux Guru
    Join Date
    Nov 2007
    Location
    Córdoba (Spain)
    Posts
    1,513
    Quote Originally Posted by umapst View Post
    Hi

    I am managing a linux server which is connected to Internet through Broad Band DSL Modem and having a Static IP (59.x.x.x). I've released the http, ftp and ssh ports in the Broand Band Router. My Linux box is having two NICs. One is 192.168.1.50 (For Internet Access aloted by DHCP of BB Modem) and another 10.192.162.50 (For our intranet). Now I am asked to give access to another server in our LAN with ip 10.192.161.5/24 throgh internet. That is we should be able to access the second server throguh my Linux box throgh internet.

    http://59.x.x.x/secondserver/ should pickup the web server at 10.192.161.5

    Pl help me.
    You can do NAT using iptables to give access to many machines through that box.

    Then I guess you can use vhosts in apache. Though I've never used vhosts myself. So I can't give any practical advise, though at least now you know what to search for.

  3. #3
    Just Joined!
    Join Date
    Apr 2008
    Posts
    5

    Nat

    Yes. You can redirect the http request comming from one network connected to one NIC in Linux box to another network through 2nd Interface in Linux box. For that, the 2nd interface should able to connected to the final destination. You can achived through NAT.

    Reply what you exactly required

    NIC 1 IP NIC 2 IP
    source IP ---> | NAT Box |-----> Destination IP

    My guess is,
    Source IP - Any Internet IP *.*.*.*
    NIC 1 IP - 59.x.x.x ( without NAT when I ask for this IP in Web browser it will show the web server in Server 1, that is 192.168.1.50 )
    NIC 2 IP - 10.192.162.50
    Destination IP - 10.192.161.5

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Apr 2008
    Posts
    2
    Hello John,

    Thanks for your reply.

    External IP of Broadband Router = 59.x.x.x (static)
    Internal IP of Broadband Router = 192.168.1.1
    NIC1 = 192.168.1.50
    NIC2 = 10.192.162.50

    The http requests from internet to 59.x.x.x is NAT to 192.168.1.50 (Virtual Hosting)

    I want to redirect a type of request like http://59.x.x.x/Server2 or http://59.x.x.x:8080 to the web server at 10.192.161.5 throguh my NIC2 (10.192.162.50).

    I hope I am clear

    Thanks in advance.

  6. #5
    Just Joined!
    Join Date
    Apr 2008
    Posts
    5
    Hello,

    To implement NAT from one network to another network you have to break the Linux firewall by using two IPTables command and forward the request from one interface to another by using one IPTables command.

    This is how A simple NAT can be implementd.
    1. DNAT (prerouting)
    2. SNAT (postrouting)
    2. MASQUERADE (postrouting)

    I forgot the exact implementation of NAT, try this syntax (not commands)

    For DNAT you can reject Source IP (B'cause it willbe any internet IP)
    destination IP is 59.x.x.x and this request will be DNAT to 10.192.161.5 (Not necessary to mention the NIC 2 IP.

    For SNAT you have to specify the source IP as 10.192.161.5 and destination IP as 10.192.162.50 (NIC 2 IP) SNAT to 59.x.x.x (or 192.168.1.1 whichever is worjking)

    For MASQUERADE you can reject Source IP (B'cause it willbe any internet IP)
    destination IP is 10.192.161.5.

    And go through this links, this might be helpful for you..
    Tutorial for iptables (v1.2.2)

    Revert back if you need further clarification.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •