[Klug-general] Multiple routes out

Alan Buchel alan at communitytechnology.org.uk
Mon Dec 6 17:21:11 UTC 2010 

Thanks Peter. Yes I have quadruple-checked the Smoothie and the 
configuration is fine, and works perfectly as long as the gateway for 
the server is set as the Smoothwall box.

On 06/12/10 17:02, Peter Childs wrote:
> On 6 December 2010 16:27, Alan Buchel<alan at communitytechnology.org.uk>wrote:
>
>> Hi All,
>>
>> I have a slightly complicated situation with a routing requirement, have
>> RTFM's till my brain hurts and hope someone can help...
>>
>> We have a Server inside a private network which routes out through a WLAN
>> switch as it's main uplink to the internet. It syncs with other servers over
>> this network. For reasons beyond my control, the server is only allowed 1 IP
>> address. Now we want to expose some of the services on this server such as
>> www (80) to the outside world via a broadband line, and such a facility is
>> unavailable via the WLAN.
>>
>> So I thought: just put in a smoothwall box, RED NIC on the ADSL, GREEN on
>> the same IP subnet as the Server, forward the required ports to Server and
>> job done. Oh no, not a bit...
>>
>> While the server WILL respond to www requests (like wget and telnet)
>> directly FROM the smoothwall box, it will, not respond to www requests that
>> come from clients on the RED side of smoothwall. The portforwarding on the
>> smoothie works fine, and I know this is so because if I set the default
>> gateway for the Server to be that of the Smoothwall GREEN. Then the port
>> forward works just fine...
>>
>
>
> Sounds like a problem with the Smoothwall Box.
>
> You need to check the port forwarding from the Red NIC to the Green, Just
> because the IP Masquerading works does not mean that the port forwarding it
> correct.  You need an extra rule in IP Tables to do that. No matter what you
> write to route will change anything you need to set the iptables rules
> correctly.
>
> I've not used Smoothwall but I could probably come up with an IP tables rule
> to do that with a bit of work, but I'm guessing Smoothwall might well have a
> User Interface to do it in......
>
> Hope that at least gives you some ideas
>
> Peter.
>
>
>>
>> So I guess the problem is with routing, we need to figure out how to tell
>> the server to use SMOOTHWALL GREEN as the gateway for requests coming from
>> SMOOTHWALL GREEN and to use WLAN for the rest.
>>
>> Does anyone have any ideas how to go about this, or have another idea on
>> how to achieve  what we need? (have been trying route add -net %$^%^&%^&
>>   till I am blue in the face and mostly only seeing syntax errors)
>>
>> Alan
>>
>>
>>
>>
>>
>> _______________________________________________
>> Kent mailing list
>> Kent at mailman.lug.org.uk
>> https://mailman.lug.org.uk/mailman/listinfo/kent
>>
>
>
>
> _______________________________________________
> Kent mailing list
> Kent at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/kent

More information about the Kent mailing list