On Thu, Jun 28, 2007 at 11:07:01PM +0100, Adam Hardy wrote:
> Andrew Sackville-West on 25/06/07 04:27, wrote:
> >On Sat, Jun 23, 2007 at 08:35:09PM +0100, Adam Hardy wrote:
> >>I have set up a network for our house using a gateway server with etch
> >>and two NICs, eth1 for the internal network and eth2 for the DSL modem.
> >>
> >>I set up iptables with firewall-builder and all seems OK, but I can only
> >>ever access the web interface on the DSL modem from the gateway server
> >>directly after downing the internal network on eth1.
> >>
> >>The modem's web interface is on 192.168.1.1 on eth2 and if I don't down
> >>eth1, the browser won't find it.
> >
> >number your internal lan addresses in a different subnet. Use
> >192.168.2.x for your lan. Then, because the modem is on a different
> >subnet, it should "just work". At least in my lan it works that
> >way. My dsl modem is accessible as 192.168.0.1 while my lan is
> >192.168.1.x.
> >
> >also, you can sometimes (depending on how it's all configured) access
> >the modem by browsing to your *public ip* which resolves to your
> >modem, but since you're coming from the inside, it gives you the
> >configuration.
>
> That worked! Respect to you. I have only a small grasp of what my iptables
> config does, but it works.

that wasn't so much an iptables issue as a routing issue. I'm guessing
you had your network configured with the same subnet on two different
interfaces. I'm not really sure how it all works, but with eth1 coming
up first and being attached to the 192.168.1.* subnet, then when the
machine goes looking for 192.168.1.1 (the router) it looks on eth1 and
can't find it because it's on the other interface.

make sense? that's surely a flawed explanation, but it works for me.

A
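
Added example, not part of the original messages: a Python check for the condition discussed in this thread, the same subnet attached to two interfaces of a dual-homed gateway. Only the interface names and the 192.168.1.x / 192.168.2.x subnets come from the thread; the sample `ip -o -4 addr show` output, the host addresses, the /24 masks and the function names are constructed for illustration.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample of `ip -o -4 addr show` output. Host addresses and /24
# masks are assumptions; the thread only names eth1, eth2 and the subnets.
SAMPLE_BEFORE = """\
1: lo    inet 127.0.0.1/8 scope host lo
2: eth1    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth1
3: eth2    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth2
"""
# Same gateway after renumbering the internal LAN to 192.168.2.x.
SAMPLE_AFTER = SAMPLE_BEFORE.replace(
    "192.168.1.10/24 brd 192.168.1.255", "192.168.2.10/24 brd 192.168.2.255")

LINE = re.compile(r"^\d+:\s+(\S+)\s+inet\s+(\S+)")

def connected_networks(text):
    """Return [(ifname, IPv4Network)] parsed from `ip -o -4 addr show` text."""
    nets = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            nets.append((m.group(1), ipaddress.ip_interface(m.group(2)).network))
    return nets

def overlapping(nets):
    """Pairs of different interfaces whose directly connected subnets overlap."""
    return [(a, b, str(na), str(nb))
            for (a, na), (b, nb) in combinations(nets, 2)
            if a != b and na.overlaps(nb)]

def claimants(nets, dest):
    """Interfaces whose connected subnet contains dest (more than one = ambiguous)."""
    ip = ipaddress.ip_address(dest)
    return [name for name, net in nets if ip in net]

if __name__ == "__main__":
    for label, sample in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        nets = connected_networks(sample)
        print(label, "overlaps:", overlapping(nets))
        print(label, "interfaces claiming 192.168.1.1:", claimants(nets, "192.168.1.1"))
```

When `claimants` returns more than one interface for the modem's address, the connected routes are ambiguous; after renumbering the LAN only eth2 claims it.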