Discussion:
Routing between subnets with iptables
Don Ellis
2013-01-17 02:29:59 UTC
Permalink
We have a network set up with two subnets behind a NAT. We are able to
get out of the network from either subnet.

What we want to do is be able to connect between a system on one
subnet and a system on the other subnet.

Does anyone have examples of doing this using iptables?

systemA in subnet0: 10.0.1.200
systemB in subnet1: 10.0.3.200

I have tried making changes in the iptables configuration, but I don't
have enough experience in iptables to know where to use -i, -o, -d,
and -s (I think those are the values to be adjusted here). Also, I'm
making assumptions about what table and chain the rules need to be
added to, and when to append (-A) and when to insert (-I).

Except for my first adjustment to something someone else had done
wrong, my shooting in the dark has had no results.

TIA,

--Don Ellis
--
Central West End Linux Users Group (via Google Groups)
Main page: http://www.cwelug.org
To post: ***@googlegroups.com
To subscribe: cwelug-***@googlegroups.com
To unsubscribe: cwelug-***@googlegroups.com
More options: http://groups.google.com/group/cwelug
Don Ellis
2013-01-17 07:40:14 UTC
Permalink
We have a solution!

As expected, we will be kicking ourselves for a while for having
overlooked this detail!

Thanks again to everyone who helped - it might have taken quite a bit
longer without you guys...

--Don Ellis
Ok, its possible that the problem is that the machine on the .1
network, doesnt have a route to the .3.x network via 1.253, if all it
has is a default route via the router at 1.254.....
You need to add a static route on the 10.0.1.200 machine that says
destination 10.0.3.0, mask 255.255.255.0, gateway 10.0.1.253
BINGO! Adding routes from each server to the proxy server worked!
One of these days it will make sense, .. in the meantime, THANKS!!
Lee (& Don)
_______________________________________________
grlug mailing list
http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
--
Central West End Linux Users Group (via Google Groups)
Main page: http://www.cwelug.org
To post: ***@googlegroups.com
To subscribe: cwelug-***@googlegroups.com
To unsubscribe: cwelug-***@googlegroups.com
More options: http://groups.google.com/group/cwelug
Loading...