Well, I would remove the gateway from eth0 and set it for your public interface. Btw: Where is your second, public interface in your /etc/networking/interfaces? What does ip route say about the default route?
On 10.5.0.1 you should have done a NAT-Configuration like that (eth1 would be the public interface): iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth1 -j MASQUERADE 10.6.0.1 can reach the internet without an own NAT, if it has the correct default route (gateway 10.5.0.1). Am 21.02.2014 00:43, schrieb motty cruz: > my apologies that was a typo. that is not how interfaces files look. > > Thanks, > > > On Thu, Feb 20, 2014 at 3:33 PM, Florian Schmitt <florian.schm...@qikgrp.com >> wrote: > > Hi! > > Am 21.02.2014 00:23, schrieb motty cruz: >>>> >>>> cat /etc/network/interfaces >>>> >>>> iface eth0 inet static address 10.5.0.1 netmask 255.255.255.0 >>>> gateway public IP up route add -net 10.6.0.0 netmask 255.0.0.0 gw >>>> 10.5.0.6 dev eth0 >>>> >>>> >>>> this does not work because then all traffic gets routed to that >>>> interface, 10.5.0.6 including public traffic. >>>> >>>> > > Why are you using netmask 255.0.0.0? This would also include your > 10.5.0.0/24 net. > > > Florian > >> >> >> -- >> To UNSUBSCRIBE, email to debian-firewall-requ...@lists.debian.org >> with a subject of "unsubscribe". Trouble? Contact >> listmas...@lists.debian.org >> Archive: http://lists.debian.org/530690c2.7050...@qikgrp.com >> >> > -- To UNSUBSCRIBE, email to debian-firewall-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/53069a70.7000...@qikgrp.com
