Andrei Popescu wrote: > On Thu, Nov 15, 2007 at 12:08:21AM -0500, H.S. wrote: >> Hello, >> >> I have an adsl modem connected to a linux box which acts as a router. >> The router machine has three interfaces: >> eth1: 192.168.1.2, connected to the modem >> eth0: 192.168.0.1, the wired LAN (192.168.0.0/24) using a switch >> ath0: 192.168.5.1, the wireless lan (192.168.5.0/24) >> >> The modem's LAN ip address is 198.168.2.1. The modem is working in > --------------------------------------^^^^^ > typo?
Yes. Modem's LAN ip is 192.168.1.1. Thanks. >> bridge mode and when a connection is established, ppp0 is formed on >> the >> router machine. >> >> The iptables script that I have on the router machine does the >> forwarding and nat. All works okay between the wired and wireless LAN >> and the internet and also within the wired and wireless LAN. >> >> The problem is that I can access the modem's web interface (on >> 192.168.2.1) only from the router machine and not from any other LAN >> machine. Could somebody tell me what are the iptables rules needed to >> make this happen? > > I'm not a network expert, but I'm guessing you are forwarding from > eth0 and ath0 only to ppp0. You probably have to add forwarding also to > eth1. That forwarding is already there. Somebody on comp.os.linux.networking suggested that my packets are probably passing fine to the modem. But the routing in modem doesn't know what to do with non 192.168.1.0/24 addresses. He suggested to use POSTROUTING and SNAT to make the modem see that it should reply to the router for such packets. Tried that, but it didn't work. I will have to look at that a bit more carefully. The other option is to add a route in modem iteself which sends packets from 192.168.[05].n to 192.168.1.2 (eth1 of the router computer, which is connected to the LAN port of the modem). Got to try this as well yet. Curiously, haven't got anything related from many tries at google about this. thanks, ->HS > Regards, > Andrei -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
