Hi All, I am having a problem and wonder if someone could take some time to read through my issue and offer a suggestion as to where I may be going wrong?
I have installed Debian Lenny on two machines, one to host as a Firewall and the other a laptop with gdm. I have a weird setup to prevent disturbing the family using the internet. My problem is that the laptop can not access the internet via the Debian Firewall LAN exiting on the Netgear segment. Below is a description of my setup.

ADSL Modem > 4 Port Netgear Wireless Router > 8 Port Netgear Switch
Debian Firewall eth0 (WAN) > 8 Port Netgear Switch
Debian Firewall eth1 (LAN) > Laptop
Windows XP PC (I know) > 8 Port Netgear Switch

I have two networks:

4 Port Netgear Wireless Router 192.168.1.0/24
Debian Firewall 10.0.0.0/8

Interface configuration:

ADSL Modem
- DHCP assigned via ISP

4 Port Netgear Wireless Router (192.168.1.0/24)
- 192.168.1.1/24 (LAN interface)
- DHCP assigned via ISP (WAN interface)
- Wireless is active but unused
- DHCP server range 192.168.1.3 - 192.168.1.10

Windows PC (192.168.1.0/24)
- Assigned via DHCP

Debian Firewall eth0 (192.168.1.0/24)
- 192.168.1.2/24 (static)
- 192.168.1.1 (gateway)

Debian Firewall eth1 (10.0.0.0/8)
- 10.0.0.1/8 (static)
- 10.0.0.1 (gateway)

Laptop (10.0.0.0/8)
- 10.0.0.2/8 (static)
- 10.0.0.1 (gateway)

The resolv.conf file on both the firewall and laptop is:

search simstatic.com
nameserver 192.168.1.1

The firewall itself can access all hosts on the 192.168.1.0/24 network via eth0 and all hosts on the 192.168.1.0/24 network can access the eth0 interface of the firewall on IP 192.168.1.2. The firewall can also access the internet via eth0 (192.168.1.2/24). All internet access is via the Netgear wireless router (192.168.1.0/24) connected to the ISP ADSL modem.

Hosts on 192.168.1.0/24 can not access hosts on the 10.0.0.0/8 network via eth1 due to a routing rule on the Netgear router "10.0.0.0/8 192.168.1.1" but can access the eth0 interface on address 192.168.1.0/24. I connect using Putty from the Windows PC to the Debian Firewall (192.168.1.0/24), so I am comfortable with the communication on this LAN segment.
The laptop however is the problem. The firewall runs no DNS service, only the hosts file, which is empty on both including the lappy other than the local machine information, and the resolv.conf file, which is the Netgear router's IP, last hop to ISP. The laptop on IP 10.0.0.2/8 10.0.0.1 on eth0 can not access the Netgear router on 192.168.1.1 nor the internet, obviously the reason why my laptop can not resolve names, but I have also pinged google.com's actual IP address and I get the destination host unreachable message from 10.0.0.1, eth1 of my firewall.

ip route show has the following from my firewall:

192.168.1.0/24 dev eth0 proto kernel scope link
10.0.0.0/8 dev eth1 proto kernel scope link
default via 192.168.1.1 dev eth0

I have modified the routes above to source any, and the laptop ip route show is:

169.254.0.0/16 dev eth0 scope link metric 1000 (have removed and makes no difference)
10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.0.2
default via 10.0.0.1 dev eth0

The laptop has the default route to send all traffic to 10.0.0.1, where I get the error message from that interface, but the firewall has the route and can access the internet, so why would it not work? I am confused! I only get the ICMP error host unreachable when using the IP address, not the FQDN; if I use the FQDN I get an unknown host error.

/etc/sysctl.conf is set to allow IP forwarding across interfaces on the firewall but not on the laptop, as the laptop has one interface.

Can someone please help? I am tired and if possible would like to try and get on with fwbuilder to configure iptables, but I am stuck as I can't use the internet to assist. Sorry if I have over-explained, but I was unsure what would be needed so I have put down everything I know about my configuration. I thank everyone for their time and hope someone can help me.

Many thanks
Martin.
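
Added example, not part of Martin's post: a longest-prefix-match lookup over the routing tables quoted above, showing which next hop each device selects on the way out and for the reply. The Netgear table is reconstructed from the post's description (the interface name `lan` is an assumption and its WAN default route is not on the page), and 203.0.113.10 is a constructed documentation address standing in for an internet host.

```python
import ipaddress

# `ip route show` output as quoted in the post.
FIREWALL = """192.168.1.0/24 dev eth0 proto kernel scope link
10.0.0.0/8 dev eth1 proto kernel scope link
default via 192.168.1.1 dev eth0"""
LAPTOP = """169.254.0.0/16 dev eth0 scope link metric 1000
10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.0.2
default via 10.0.0.1 dev eth0"""
# Constructed from the post's description of the Netgear (LAN 192.168.1.1/24,
# static rule "10.0.0.0/8 192.168.1.1"); "lan" is an assumed interface name.
NETGEAR = """192.168.1.0/24 dev lan
10.0.0.0/8 via 192.168.1.1 dev lan"""

def parse_routes(text):
    """Turn `ip route show` lines into (network, via, dev) tuples."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        net = ipaddress.ip_network("0.0.0.0/0" if tok[0] == "default" else tok[0])
        via = tok[tok.index("via") + 1] if "via" in tok else None
        dev = tok[tok.index("dev") + 1] if "dev" in tok else None
        routes.append((net, via, dev))
    return routes

def lookup(table, dst):
    """Longest-prefix match: (next hop or 'on-link', device), None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in parse_routes(table) if addr in r[0]]
    if not hits:
        return None
    net, via, dev = max(hits, key=lambda r: r[0].prefixlen)
    return (via or "on-link", dev)

def walk():
    """Forward path laptop -> internet host, then the reply toward 10.0.0.2."""
    inet = "203.0.113.10"  # constructed documentation address
    return [
        ("laptop   -> " + inet, lookup(LAPTOP, inet)),
        ("firewall -> " + inet, lookup(FIREWALL, inet)),
        ("netgear  -> 10.0.0.2", lookup(NETGEAR, "10.0.0.2")),
        ("firewall -> 10.0.0.2", lookup(FIREWALL, "10.0.0.2")),
    ]

if __name__ == "__main__":
    for hop, result in walk():
        print(f"{hop:26} {result}")
```

The third lookup resolves the quoted Netgear rule for 10.0.0.0/8 to 192.168.1.1, the router's own LAN address, rather than to the firewall's eth0 address 192.168.1.2.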