Help - Search - Members - Calendar
Full Version: Windows Not Getting Through Linux Gateway
Linuxhelp > Support > Technical Support
DougFresh
I have the following problem

Our network consists of several (20) windows 2K PCs networked on a single domain with mail
delivered by MS Exchange server 5.5.

This domain is connected through a linux firewall / proxyserver / mail handler to the internet.
For these jobs I use Red Hat 9, GuardDog, squid and sendmail.

The Linux box has two network cards to act as a gateway.

All appears to be running well - users get their mail and can surf the net quite happily.

The problems start when trying to connect to the net other than through their browser.

for example entering

ping www.bbc.co.uk

returns a time out error. The Name is resolved correctly but the connection is not made.
The same happens when Telnet'ing or trying to establish socket connections with Perl.
Furthermore - trying to connect to an ftp site from within the browser aso times out.

If any of the above are attempted on the Linux box all work without error.

I am assuming the problem here is the firewall settings. I've tried allowing anything remotely
connected to the above services through the firewall but without success. I know the firewall
is doing its job because when I deny a service all the browsers (and the users) complain.

I have tried basic firewall scripts but to no avail.

If anyone can help I would be most gratefull!
hughesjr
If your linux box is able to do everything ... (as you said), but the only thing working for clients is the browser, then the problem is that you have setup your firewall OK with guarddog, BUT you don't have properly set up ROUTER on the Linux Box.

The reason that the browsers are working is that you have setup a proxy server....you need to use something like guidedog (a companion to guard dog) to setup IP Routing (and maybe masquerading / NAT).

You would need IP masquerading / nat if you are using non-routable IPs behind the firewall (like 192.168.0.0 or 10.0.0.0 networks) ... if the internal network is using actual routable IPs then only routing is needed...
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.