can’t route private addresses 172.0.0.0

Home Page Forums Network Management ZeroShell can’t route private addresses 172.0.0.0

This topic contains 1 reply, has 0 voices, and was last updated by  cozzi@nd.edu 7 years, 3 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #43163

    cozzi@nd.edu
    Member

    ZS 1.0 beta16
    I’m configured as a Router doing NAT on the wan interface.
    Everything seems to be working with multiple IP addresses
    on the wan side and port forwarding to the inside, however…
    When I use a VPN client on the outside who assigns addresses like 172.17.0.0,
    port forwarding does not work. In working with other NAT boxes
    I’ve noticed that it is common to block private addresses through
    the box, i.e. 10.0.0.0 , 172.0.0.0 etc… Can’t find this on ZS.

    For example: I have a system on the inside 192.168.1.4 and an address
    on the wan side of ZS with address 64.64.64.2. Port forwarding from
    64.64.64.2:22 to 192.168.1.4:22. Works fine when I ssh to this system from
    an address like 64.64.64.200. When I use a vpn client, times out.
    From 64.64.64.200 to the ZS box itself, 64.64.64.1 works without using vpn.
    With vpn, times out.

    I’ve put iptables rules in:
    >setup>ssh allow 172.17.0.0/16

    Also:
    iptables INPUT Chain position 1
    all –s 172.17.0.0/16 all –j ACCEPT
    FORWARD
    -s 172.17.0.0/16 ALL –J accept
    -d 172.17.0.0/16 ALL –J accept
    OUTPUT
    all –d 172.17.0.0/16 –j ACCEPT

    Any ideas welcome

    Thank you
    –marc

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.