On Fri, Mar 17, 2023 at 8:55 PM Timothy M Butterworth < timothy.m.butterwo...@gmail.com> wrote:
> All, > > I have two network interfaces on my PC and I want to route the stub > interface to the internet facing interface and perform Masquerading. My > Internet facing NIC is set to use zone drop and my inside facing zone is > set to use zone trusted. > > # enable routing > echo 1 > /proc/sys/net/ipv4/ip_forward > > # verify IP forwarding is enabled. > cat /proc/sys/net/ipv4/ip_forward > 1 > > # Configure Masquerade zone > firewall-cmd --zone=drop --add-masquerade --permanent > firewall-cmd --reload > > # check masquerade configuration > firewall-cmd --zone=drop --query-masquerade > yes > > # Ping Test Internet facing NIC. > ping -4 www.google.com > 6 packets transmitted, 6 received, 0% packet loss, time 5008ms > > # Ping test internal facing NIC. > ping -4I enx0000000011f1 www.google.com > 23 packets transmitted, 0 received, 100% packet loss, time 22532ms > > When sourcing from the internal NIC the ping fails which leads me to > believe Masquerade is not working. > > Am I missing something? > I solved the problem. It was not with my Linux Machine it was with my Juniper Router running in security context mode instead of routing context mode. Everything works now as expected. > Tim > -- > ⢀⣴⠾⠻⢶⣦⠀ > ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system > ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ > ⠈⠳⣄⠀⠀ > -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ ⠈⠳⣄⠀⠀
