Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 11
Hi, I'm hoping someone can help. I am running suse 11.2 with plans of making it a firewall (Goal)! I have an interface which will not connect to the internet ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2007
    Location
    In North America
    Posts
    20

    Router issue (network settings)


    Hi,

    I'm hoping someone can help.

    I am running suse 11.2 with plans of making it a firewall (Goal)!

    I have an interface which will not connect to the internet when I statically config it network settings, either via Yast or in the sysconfig/network/ifcfg-eth file.

    It will however connect to the Internet If i let it grab a dhcp address from the wireless router closest to the public Internet.

    What am i missing here? or any should I be looking somewhere else?

    I manually put in the following: these do have settings, i just didn't write them in here.
    GATEWAY
    IPADDR
    DNS
    BROADCAST
    NETWORK


    Thanks in advance

  2. #2
    Just Joined! jr0sco's Avatar
    Join Date
    Aug 2010
    Location
    Australia
    Posts
    41
    So whats not working?

    If you don't want the manually configured interface to connect to another network other then the network the system is on, you do not need a gateway. Also your configuration will need a NETMASK

  3. #3
    Just Joined!
    Join Date
    Jun 2007
    Location
    In North America
    Posts
    20
    I am setting up a dual homed firewall device running suse 11.2. It has two nic cards.

    -one interface for private lan (172.16.0.0) - eth0
    -one interface towards to public Internet (192.168.1.0) - eth1


    When I let the eth1 nic receive a dhcp address I can then access the Internet.
    If I statically assign eth1 with an address via setting using YAST or the sysconfig/network/ifcfg-eth1 file then I have a NO GO.

    I did manually add a NETMASK /24. same result though.
    And I did comment out the GATEWAY statement.

    I'm not sure why this is happening. There has to be some setting somewhere coming from dhcp that I am not entering in manually.

    Any advice or tips?

  4. #4
    Linux Engineer Segfault's Avatar
    Join Date
    Jun 2008
    Location
    Acadiana
    Posts
    877
    First, 192.168.1.0 is not a public address.
    Second, you are supposed to use DHCP to get proper settings from your ISP. Unless you are in static IP range.

  5. #5
    Just Joined! jr0sco's Avatar
    Join Date
    Aug 2010
    Location
    Australia
    Posts
    41
    The NETMASK would be 255.255.255.0

    Post the results of:
    Code:
    ifconfig -a
    Code:
    route -n
    when configured via DHCP and the same two commands without DHCP configured. I assume the DHCP settings are coming from your modem/router?

  6. #6
    Linux Engineer Segfault's Avatar
    Join Date
    Jun 2008
    Location
    Acadiana
    Posts
    877
    What's the point setting up another NAT router if you already have one? Want to increase network lag?
    Most cheap routers cannot handle advanced needs. If this is the case, why don't you put your existing router in bridge mode?

  7. #7
    Just Joined!
    Join Date
    Jun 2007
    Location
    In North America
    Posts
    20
    Quote Originally Posted by Segfault View Post
    First, 192.168.1.0 is not a public address.
    Second, you are supposed to use DHCP to get proper settings from your ISP. Unless you are in static IP range.
    Yes, I do know this.

    The only difference I see when issuing these two commands for both a static & dhcp configured address is the inclusion of a 0.0.0.0. - default gateway route - this is seen when using the issued dhcp address only. AND the inclusion of the 169.254.0.0 network - I believe this is only if the nic doesn't receive a dhcp defined address it will fall to this network address as in microsoft handles dhcp.

    These are the only differences.
    The ipconfig -a shows the same whether dhcp or static configured. (2 nic cards and a local loopback)

    I will statically try to add the default gw of 0.0.0.0 and see if any luck and get back with any results.

  8. #8
    Just Joined!
    Join Date
    Jun 2007
    Location
    In North America
    Posts
    20
    Quote Originally Posted by Segfault View Post
    What's the point setting up another NAT router if you already have one? Want to increase network lag?
    Most cheap routers cannot handle advanced needs. If this is the case, why don't you put your existing router in bridge mode?
    The objective is to have finer traffic control and monitoring/auditing than the crappy dlink can provide.

    I'm not sure if there will be an issue with possilbly having to double nat or not. I am working ad hoc right now and my first problem is the static nic address assignment on the soon to be linux firewall device.

    I want to protect the private network behind the Firewall and have the wireless dlink used for guests and other wireless devices I don't care about protecting being able to access the Internet.

    First things first though.

  9. #9
    Just Joined!
    Join Date
    Jun 2007
    Location
    In North America
    Posts
    20
    Thanks for the help.

    I decided to use Fedora and ditch Opensuse. I have it working now.

    Now on to iptables so you guys will hear from me soon!



    Thanks again for input.

  10. #10
    Just Joined! jr0sco's Avatar
    Join Date
    Aug 2010
    Location
    Australia
    Posts
    41
    There is a distro called smoothwall that has a nice web gui on top of iptables or if you stick with fedora you could run shorewall as a service. Shorewall makes it easier to configure iptables using configuration files.

    These maybe worth a look at.

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •