Ping a Specific Port

Question

jchawk

Asked: 2009-08-27 09:27:39 +0800 CST2009-08-27 09:27:39 +0800 CST 2009-08-27 09:27:39 +0800 CST

Route/IPtables Question

772

I have the following setup -

Verizon Fios Router - WAN - Public IP Address Verizon Fios Router - LAN - 192.168.1.1

This connects directly to an internal Linux Router -

Internal Router Linux - eth0 - 192.168.1.2 Internal Router Linux - eth1 - 10.10.10.1

The problem I am having is if a request originates from the 10.10.10.x network or the 192.168.1.2 network to the public IP address the request gets lost somewhere in networking land.

The linux router is on the internet directly via the DMZ feature of the Fios router.

I think I'm just missing a basic route command but I'm not sure where to go next.

The reason any of this matters is I am trying to run the VNC-Java client on the linux router to connect to the vncserver that is running directly on the same machine. When the java client goes to connect it tries to connect to the external IP address which the linux router really has no idea about because it believes it's 192.168.1.2.

I suppose there is another solution... And that's tell the tightvnc java client to connect to the host 192.168.1.2 but I can't find where exactly to set that either.

Regular VNC client works fine but I would like to avoid having to have the client software.

Thoughts / Suggestions? Am I just out of luck due to the one to one nat?

2 Answers

Voted

Guss · Answer 1 · 2009-08-27T10:05:38+08:00

Best Answer

Guss

2009-08-27T10:05:38+08:002009-08-27T10:05:38+08:00

Regarding the routing issue, because your internal network uses non-routable IP addrsses (private), then your linux router must "masquerade" them when they go out through the external IP address (which is also non-routable, but your Linux router need not know that - the Cisco can handle that part).

Something simple like

iptables -t nat -I 1 POSTROUTING -s 10.10.10.0/24 -o eth0 -j MASQURADE

should do the trick. If you can tell me what distribution you are using on the Linux router then I can give better instructions on how to set it up permanently as part of your Linux router's network setup.

Also please make sure that you have ip_forwarding enabled - check the output of sysctl net.ipv4.ip_forward : it should say "1"

1

wolfgangsz · Answer 2 · 2009-08-27T10:18:04+08:00

wolfgangsz

2009-08-27T10:18:04+08:002009-08-27T10:18:04+08:00

In addition to Guss' answer (which is correct) you will also need to make sure that all your computers have the correct default gateways configured. For the computers on the 10.10.10.x subnet this is probably 10.10.10.1. For all computers on the 192.168.1.x subnet this is probably 192.168.1.1 (at least this is what I am reading from your post).

Normally these would be set through DHCP. If you don't use DHCP, you will have to set these values (and their corresponding subnet masks) manually.

0

Route/IPtables Question

Ping a Specific Port

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What's the command-line utility in Windows to do a reverse DNS look-up?

How to check if a port is blocked on a Windows machine?

What port should I open to allow remote desktop?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?