Hello,
x25 a écrit :
>
> My network is this: Router--eth1(IPCOP)eth0--Switch--LAN
>
> The IPCOP have two interfaces eth1 to router and eth0 to switch.
>>From the LAN dont arrive to router and havent exit to internet.
>
>>From the Lan arrive to IPCOP and eth0 but dont arrive to eth1.
Are you sure of this (did you check with tcpdump, (t)ethereal/wireshark
or another packet sniffer) ? Couldn't it be that replies from the router
or the internet don't arrive to the IPCOP ?
>>From the IPCOP arrive to all sites, internet, LAN.
>
> 1) Router Comtrend 536:
>
> * Formed like multiposition
> * IP to acces to router: 192.168.1.1 y la 192.168.2.1
Why two addresses ? And specifically, why 192.168.1.1, which is supposed
to belong to the LAN ?
> 2) Ipcop (Green+Red):
>
> * Interface RED:
> eth1: 192.168.2.5
> GW: 192.168.2.1
>
> * Interface GREEN:
> eth0: 192.168.1.5
Does the IPCOP do masquerading or source NAT for the LAN on the RED
interface ?
If no, requests from the LAN will arrive at the router with their
original 192.168.1.x source address but the router will be unable to
send the replies back because it has not the correct route to this
destination.
To fix this :
- enable masquerading or source NAT on the IPCOP on the RED interface
or
- add a static route to the LAN subnet (192.168.1.x) via gateway
192.168.2.5 (the IPCOP RED interface address)
and in any case :
- remove the address 192.168.1.1 on the router. Such addresses should
only be used on the GREEN side.
|
Similar Threads
Linear Mode
