- This topic is empty.
September 1, 2010 at 9:08 pm #42622nqsMember
Hi peeps. I’m new to zeroshell and am having trouble accessing hosts behind zer
oshell from outside. from inside to uout is fine, but not from parent subnet t
My network is a bit different, as I connect to landlady’s network via wireless. so the current setup looks like:
internet –> WAP –> wireless bridge –> switch0 –> zeroshell –> switch1 –> host
eventually switch0 will be removed and all machines connected to switch1. Except for the zeroshell box all machines downhill of the bridge are running gentoo linux.
switch0 is connected to eth00 @ 192.168.1.3. wap is .1 and bcridge is .2. the interface for switch1 is eth01, with an address of 192.168.2.1. currently only machine connected to switch1 is configured at 192.168.2.5, hostname ‘codex’.
When I try to ping codex from any other machine on the network, it fails. However, if I ssh to zeroshell and ping from there, it works. same on both points for ssh to codex. this is using both hostname and IP to connect (IP only from zeroshell)
once connected to codex, pings to 192.168.2.1, 192.168.1.x, and http://www.google all work.
don’t know if it matters, but the machine i’m attempting to communicate with codex via a wireless connected laptop. I am going to try to see if a direct hookup makes a difference
a direct hookup does not change any of the above.
NQSSeptember 2, 2010 at 6:26 am #51036ppaliasMember
Most likely you are NATing traffic going out of ETH00 interface. This means that all traffic coming from ETH01 interface has its source IP translated into the IP of ZS (192.168.1.3). In order to make it work from outside to inside you have to do 2 things:
1) Add a static route on the router outside for the network 192.168.2.0/24 that is reachable via 192.168.1.3
2) Remove NAT completely or configure it not to masquerade when the destination address is 192.168.0.0/16
- You must be logged in to reply to this topic.