-
June 20th, 2007, 05:36 PM
#1
subnetting and ip addresses with ipcop
ok, so this ones got me stumped. I have an ipcop, and it's on its subnet .0.1 and it connects to the internet on its red (bad interface) and green to the internal subnet (good, home, .0.1) which just goes to a wireless router. I used a crossover cable to connect em and everything works great. I have one issue though, the ipcop doesn't see or know any of the ip addresses on my home network, so all my logs are incomplete (i just get .0.200 for ip addresses in my home network rather than .1.x). Also, i wanted to set up a transparent proxy to a content filtering system on a server on my home subnet, but i cant because it would filter the content filterer to, creating an infinite loop
i.e. my computer wants isohunt.com, ipcop sends the request through to my wireless router (.0.200:8118) which forwards to server (.1.x:8118) which asks for the page and is caught by ipcop, which repeats the process.
I have the option of giving a computer unrestricted access, which would work and is the solution i need, but ipcop doesnt have any clue who 192.168.1.x is and where he is.
So how do i fix it?
isnt there a way in linux using ifconfig or hosts or something to say which interface an ipaddress is on? is that even what i want? I guess i could put a hub on ipcop, then a crossover to the hub for my router, and then the server on the hub. but then i have to move other services and reconfigure and stuff. Maybe one day I'll do that but not today. Anyways, any help would be appreciated, later and thanks
if God was willing to live all out for us, why aren't we willing to live all out for Him? God bless,
Godsrock37
my home my forum
-
June 20th, 2007, 05:58 PM
#2
Does your set-up reflect this:
Internet -->-->--> IPCOP F/W -->-->--> Wireless AP -->-->--> Wireless clients
And from the firewall > Router > Hosts everything is on a 192.168.0.X/24 IP range?
-
June 20th, 2007, 06:04 PM
#3
close, sorry. that was probably unclear
internet --> ipcop (f/w and proxy) (.0.1) -->(.0.200) Wireless AP (.1.2) --> (.1.x) clients/home network and server
if God was willing to live all out for us, why aren't we willing to live all out for Him? God bless,
Godsrock37
my home my forum
-
June 20th, 2007, 06:42 PM
#4
Why cant you set all your network devices to be on the same subnet?
-
June 20th, 2007, 07:31 PM
#5
i like the two subnets for lots or reasons. I think i'll leave it at that so that we dont get off topic
if God was willing to live all out for us, why aren't we willing to live all out for Him? God bless,
Godsrock37
my home my forum
-
June 20th, 2007, 07:58 PM
#6
I don't think it is possible to work the way it is setup.
-
June 20th, 2007, 08:34 PM
#7
poop, thats no fun. u sure? well how about just simple things like if i wanted to ping 192.168.1.1 from the ipcop? i'm sure thats gotta be possible
if God was willing to live all out for us, why aren't we willing to live all out for Him? God bless,
Godsrock37
my home my forum
-
June 20th, 2007, 09:56 PM
#8
This sounds rather similar to the setup I have.
My setup:
internet-->ipgateway(192.168.1.1)-->(192.168.1.2)wireless router(192.168.2.1)-->me(192.168.2.x)
My gateway thinks all traffic that's coming from behind the router is coming from 192.168.2.1, because the wireless router does all the DHCPing, NATing and stuff.
Btw, I do the ipgateway thing because it's hard sharing a dialup connection otherwise.
Last edited by NukEvil2; June 20th, 2007 at 10:11 PM.
Reason: speeling erors
-
June 20th, 2007, 11:21 PM
#9
Going off the info you have provided I think you have a routing issue - as someone mentioned if your Wireless AP is handing out the IP addresses to your clients, then something needs to tell the firewall about the subnet and how to reach it - I wouldn't have thought the wireless AP would do this, unless you have a high end one.
So for example when the firewall is told to ping 192.168.1.X if has no idea where that subnet is our how to get to it - in fact it will have a default route in place to send all unknown traffic to your ISP's router and on to the Internet, however obviously the 192.168 range is not routable over the Internet.
I've not used IPCOP before but I suppose there must be a way to configure a static route in it to tell it to send all 192.168.1.x traffic to the wireless AP.
At the moment your wireless AP will NAT the 192.168.1.x subnet to 0.200 address (which will explain the log entries you are seeing) so as far as the firewall is concerned there is only the 0.200 address on that interface.
A rule similar to the following would be needed
route 192.168.1.0 255.255.255.0 -> 192.168.0.200.
This way the Wireless AP will receive the traffic and as it knows about the other IP range it will send it on as normal.
-
June 21st, 2007, 12:43 AM
#10
No im not sure but I dont think its possible with that setup... maybe some one else has some ideas.
Similar Threads
-
By mooret in forum General Computer Discussions
Replies: 2
Last Post: March 18th, 2005, 11:33 PM
-
By HTRegz in forum Other Tutorials Forum
Replies: 1
Last Post: October 16th, 2003, 04:36 PM
-
By [WebCarnage] in forum Other Tutorials Forum
Replies: 16
Last Post: February 27th, 2002, 10:03 PM
-
By MrLinus in forum Other Tutorials Forum
Replies: 6
Last Post: January 28th, 2002, 04:08 AM
-
By mountainman in forum Other Tutorials Forum
Replies: 2
Last Post: December 21st, 2001, 09:23 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|