Posted: Mon Jan 17, 2011 23:45 Post subject: [SOLVED] Leased line routing question
Hello,
I got a leased line network connection installed by my ISP. It's a Huawei switch with Ethernet and I have two addresses. The "outside" interface address is:
AAA.BBB.130.100/31
And I have got 6 public IPs with a
AAA.BBB.192.192/29 subnet.
First I've set up my dd-wrt (on a Linksys WRT54GL router) with the following WAN interface:
Connection type: static ip
WAN IP: AAA.BBB.130.102
Subnet mask: 255.255.255.252
Gateway: AAA.BBB.130.101
Then I've configured the inner side of the dd-wrt:
Local IP: AAA.BBB.192.194
Subnet mask: 255.255.255.248
Gateway: AAA.BBB.192.193
After doing this, every host connected to the LAN side and assigned a AAA.BBB.192.192/29 IP works well, but the router does the NAT so the hosts look like they are coming from AAA.BBB.130.102.
OK, in the Advanced Routing tab I've changed the operating mode from gateway to router and the LAN hosts look like they are coming from their real AAA.BBB.192.192/29 IP.
But it's not possible to reach these LAN hosts on their public IP and I cannot figure out what is wrong with this configuration.
My ISP is also unsure: one of their technicians said it's not possible but another one says it's so simple.
Can you help me?
Thank you!
Last edited by paha on Thu Jan 20, 2011 9:46; edited 2 times in total
The router's firewall is still blocking incoming traffic. You need to use iptables to allow incoming traffic to them. This rule added to your firewall script on the admin->commands page will allow everything through to them. If you want to allow less then see the iptables wiki page.
iptables -I FORWARD -j ACCEPT
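One way to "allow less" than the blanket FORWARD rule in the answer above, as an added example that is not part of the original posts: a small generator that prints per-host, per-port FORWARD rules for a routed public subnet. The function name `gen_forward_rules`, the interface name `vlan1`, and the 203.0.113.x addresses and ports are assumptions and constructed sample values, not taken from the thread.

```shell
#!/bin/sh
# Added example: prints a narrower alternative to "iptables -I FORWARD -j ACCEPT".
# Interface, subnet, hosts and ports below are constructed sample values.

# gen_forward_rules WAN_IF SUBNET "host:proto:port ..."
# Prints iptables commands on success; returns 1 (printing nothing) on bad input.
gen_forward_rules() {
    wan_if=$1; subnet=$2; allow=$3
    [ -n "$wan_if" ] && [ -n "$subnet" ] || return 1

    # -I inserts at the top of the chain, so the rule emitted first ends up
    # last: this DROP becomes the catch-all for inbound traffic to the subnet.
    rules="iptables -I FORWARD -i $wan_if -d $subnet -j DROP"

    for entry in $allow; do
        host=${entry%%:*}; rest=${entry#*:}
        proto=${rest%%:*}; port=${rest#*:}
        # Reject anything that is not a plain address, tcp/udp and a valid port.
        case $host in ''|*[!0-9.]*) return 1 ;; esac
        case $proto in tcp|udp) ;; *) return 1 ;; esac
        case $port in ''|*[!0-9]*) return 1 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
        rules="$rules
iptables -I FORWARD -i $wan_if -d $host -p $proto --dport $port -j ACCEPT"
    done

    # Emitted last, so it is evaluated first: replies to connections that
    # were already permitted (including LAN-initiated ones) pass through.
    rules="$rules
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT"
    printf '%s\n' "$rules"
}

# Sample run: expose HTTPS on one host and DNS on another, nothing else.
gen_forward_rules vlan1 203.0.113.192/29 \
    "203.0.113.194:tcp:443 203.0.113.195:udp:53"
```

The printed lines are meant to be reviewed and then placed in the firewall script in the order shown, with the interface name and addresses replaced by the router's own.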
Thank you phuzi0n, I'll give it a try and tell you the result.