Step by Step Procedure
Step 1. Add 2 Network cards to the Linux box
Step 2. Verify the Network cards, check if they installed properly or not
Step 3. Configure eth0 for Internet with a Public (External network or Internet)
# cat ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
IPADDR=X.X.X.X
NETMASK=255.255.255.0
NETWORK=X.X.X.0
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
GATEWAY=X.X.X.X # Provided by the ISP
Step 4. Configure eth1 for the LAN with a local IP (internal private network)
# cat ifcfg-eth1
BOOTPROTO=none
PEERDNS=yes
TYPE=Ethernet
IPV6INIT=no
DEVICE=eth1
NETMASK=255.255.0.0
BROADCAST=""
IPADDR=192.168.1.1
NETWORK=192.168.0.0
USERCTL=no
ONBOOT=yes
Step 5. Gateway Configuration
# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=nat
GATEWAY=X.X.X.1
Step 6. DNS Configuration
# cat /etc/resolv.conf
# DNS server
nameserver 4.2.2.2
Step 7. NAT configuration with iptables
First, flush the existing firewall rules in every table by typing in a terminal:
iptables -F
iptables -t nat -F
iptables -t mangle -F
Now delete any user-defined chains:
iptables -X
iptables -t nat -X
iptables -t mangle -X
# Set up IP forwarding and masquerading
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth1 -j ACCEPT
# Enable packet forwarding in the kernel (this does not survive a reboot; to make it permanent, set net.ipv4.ip_forward = 1 in /etc/sysctl.conf)
echo 1 > /proc/sys/net/ipv4/ip_forward
# Save and apply the configuration
service iptables save
service iptables restart
# Check if iptables is set to start during boot up
chkconfig --list iptables
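The FORWARD rule above accepts anything arriving on eth1 and depends on the chain's default policy to let replies back in. As an added example (not part of the original post), this function emits a tighter ruleset in iptables-restore format: FORWARD defaults to DROP, only LAN-to-WAN traffic and its replies are forwarded, and masquerading is limited to the LAN subnet. The interface names and 192.168.0.0/16 come from Steps 3 and 4; the function name gen_nat_ruleset is hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.
# Emits a NAT-gateway ruleset in iptables-restore format.
# Assumed values: WAN=eth0, LAN=eth1, LAN subnet 192.168.0.0/16 (Steps 3-4).

gen_nat_ruleset() {
    wan=$1
    lan=$2
    lan_net=$3
    if [ -z "$wan" ] || [ -z "$lan" ] || [ -z "$lan_net" ]; then
        echo "usage: gen_nat_ruleset WAN_IF LAN_IF LAN_CIDR" >&2
        return 1
    fi
    # Same interface on both sides would masquerade and forward LAN-internal traffic.
    if [ "$wan" = "$lan" ]; then
        echo "WAN and LAN interfaces must differ" >&2
        return 1
    fi
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $lan_net -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan -o $wan -s $lan_net -j ACCEPT
COMMIT
EOF
}

# Print the ruleset when called as: script.sh eth0 eth1 192.168.0.0/16
if [ "$#" -eq 3 ]; then
    gen_nat_ruleset "$@"
fi
```

Pipe the output through `iptables-restore --test` to validate it, then through `iptables-restore` to load it, before running `service iptables save`.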
Step 8. Testing
Go to a client machine and ping the local LAN gateway, i.e. the local IP of the Linux server.
Hurray, it's done!