www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

NAT not working

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
sirioxx



Joined: 17 Jan 2012
Posts: 9

PostPosted: Tue Sep 24, 2013 9:38 am    Post subject: NAT not working Reply with quote

Zeroshell 1.0 b16.

I have ETH00 (lan side).
It belogns to more networks (192.168.6.1/24, 192.168.0.3/24).
Nat is working fine for these two classes.
I add a new ip: 192.168.205.1/30 to use ad gateway.
Then I set 192.168.205.2 to a pc and 192.168.205.1 as gw.
The pc is able to ping the gw but it fails pinging a public ip address.
I tried then to set 192.168.6.88 to the pc (and 192.168.6.1 as gw) and it's able to ping the public ip address.
I've been looking then to zimbra tcpdump (WAN interface ET01).
Ad you can see, the remote server answer to the private ip!


Code:

tcpdump -i ETH01 -f | grep 85.10.193.55
11:19:36.298657 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:19:36.317115 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:19:36.317163 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:19:37.306796 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:19:37.325120 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:19:37.325189 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:19:38.314444 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:19:38.332755 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:19:38.332800 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:19:58.473963 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:19:58.492271 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:19:58.492329 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:19:59.481807 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:19:59.500204 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:19:59.500251 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:20:00.489639 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:20:00.508167 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:20:00.508231 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:20:01.497715 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:20:01.515945 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:20:01.515997 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:20:02.505627 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:20:02.523809 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:20:02.523852 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:20:03.513607 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:20:03.532293 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:20:03.532364 static.85-10-193-55.clients.your-server.de > 192.168.205.2: icmp: echo reply
11:20:04.521598 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:20:04.539710 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply






11:22:19.628034 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:19.646417 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:20.629965 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:20.649469 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:21.631892 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:21.650293 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:22.633640 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:22.653533 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:23.635385 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:23.653616 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:24.636751 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:24.655360 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:25.638911 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:25.657238 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:26.640837 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:26.659243 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:27.642954 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:27.661120 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply
11:22:28.644539 smtp.avalonisland.it > static.85-10-193-55.clients.your-server.de: icmp: echo request (DF)
11:22:28.662650 static.85-10-193-55.clients.your-server.de > smtp.avalonisland.it: icmp: echo reply


Here are my running NAT rules

Code:
iptables -t nat -L --numeric

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
SNATVS     all  --  0.0.0.0/0            0.0.0.0/0           
MASQUERADE  all  --  0.0.0.0/0            0.0.0.0/0           
MASQUERADE  all  --  0.0.0.0/0            0.0.0.0/0           
MASQUERADE  all  --  0.0.0.0/0            0.0.0.0/0           
OpenVPN    all  --  0.0.0.0/0            0.0.0.0/0           
   

Chain OpenVPN (1 references)
target     prot opt source               destination         
MASQUERADE  all  --  0.0.0.0/0            0.0.0.0/0           source IP range 192.168.250.1-192.168.250.2

Chain SNATVS (1 references)
target     prot opt source               destination


What do you think?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group