Centos 7 forward traffic across two interfaces
Client1
Windows 10 PC 192.168.1.5
Centos 7 Router
enp1s0 is WAN facing 192.168.10.0/24 using IP 192.168.10.15
enp2s0 is LAN facing 192.168.1.0/24 using IP 192.168.1.15
Client2
Centos 7 NAS 192.168.10.100
[PC] [ Centos 7 Router ] [NAS]
client1 -> switch -> enp2s0 -> enp1s0 -> switch -> client2
From my Centos 7 Router i can ping both client1 and client2. I am unable to ping client2 from client1, or client1 from client2.
On my Centos 7 router I did the following:
# yum -y install traceroute.x86_64 net-tools.x86_64 iptables-services.x86_64 iptables-utils.x86_64
# ip route show
default via 192.168.10.1 dev enp1s0 proto static metric 100
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.15 metric 100
192.168.10.0/24 dev enp1s0 proto kernel scope link src 192.168.10.15 metric 100
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.10.1 0.0.0.0 UG 100 0 0 enp1s0
192.168.1.0 0.0.0.0 255.255.255.0 U 100 0 0 enp2s0
192.168.10.0 0.0.0.0 255.255.255.0 U 100 0 0 enp1s0
# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.10.1 0.0.0.0 UG 0 0 0 enp1s0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 enp2s0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 enp1s0
Turn in IP forwarding
# echo 1 > /proc/sys/net/ipv4/ip_forward
Make IP forwarding perminent
# vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
On client2 Centos 7 NAS set route on my 192.168.10.100 interface for 192.168.1.0/24 traffic using the 192.168.10.15 interface of the Centos 7 router
# ip route add 192.168.1.0/24 via 192.168.10.15 dev br0
On client1 windows 10 machine run as elevated
(Win key; type cmd; press Ctrl+Shift+Enter; and then hit Alt+C to confirm the elevation prompt.)
on client1 Windows 10 PC set route on my 192.168.1.5 interface for 192.168.10.0/24 traffic using the 192.168.1.15 interface of the Centos 7 router
C:\> route add 192.168.10.0 MASK 255.255.255.0 192.168.1.15
The route add change will only stick across reboots if you add it with the -p flag, as in the following:
C:\> route -p add 192.168.10.0 MASK 255.255.255.0 192.168.1.15
I can now reach each client machine from the other
Friday, September 18, 2015
Friday, September 11, 2015
pfSense 2.2.4 Install Problems
pfSense 2.2.4 Install Problems
When installing from Live CD I ran across the following problems
One of my PC’s gave me a “Root mount waiting for: GRAID” message. It would later fail when trying to write the install to the hard disk. To get by this I followed the pfSense site for: (BTW it did not have a fake raid card. It was the onboard SATA ports not in RAID mode)
"Fake" RAID cards with a GRAID error
Certain "fake" RAID cards, driver/software-based RAID adapters that are not true hardware RAID, may fail to mount properly with the following error:
Root mount waiting for: GRAID
mountroot>
Another symptom can be that "Intel RAID" messages are shown during the boot sequence, and typing ? at the mountroot prompt it only shows the drive itself and no partitions:
Mounting from ufs:/dev/ada0s1a failed with error 19
mountroot> ?
[...]
ada0
• Escape to a loader prompt during bootup and run:
set kern.geom.raid.enable="0"
boot
• After a successful install/boot, add that settings permanently to /boot/loader.conf.local:
kern.geom.raid.enable="0"
END
On another PC I would get a mountroot error message while booting off the live CD on a USB attached CD rom.
Booting from USB
• If the boot stops with a mountroot error while booting off the live CD, usually with USB CD/DVD drives, escape to the loader prompt and run the following:
set kern.cam.boot_delay="10000"
boot
• On 2.0 this is on the boot menu - option #3 to boot from USB devices.
At which point the boot will continue normally and a normal installation will be possible.
If running permanently from a medium that requires this delay, edit /boot/loader.conf.local and insert the following line:
kern.cam.boot_delay="10000"
• If booting fails from a USB 3.0 port and the above does not help, try a USB 2.0 port with the same delay settings.
END
When installing from Live CD I ran across the following problems
One of my PC’s gave me a “Root mount waiting for: GRAID” message. It would later fail when trying to write the install to the hard disk. To get by this I followed the pfSense site for: (BTW it did not have a fake raid card. It was the onboard SATA ports not in RAID mode)
"Fake" RAID cards with a GRAID error
Certain "fake" RAID cards, driver/software-based RAID adapters that are not true hardware RAID, may fail to mount properly with the following error:
Root mount waiting for: GRAID
mountroot>
Another symptom can be that "Intel RAID" messages are shown during the boot sequence, and typing ? at the mountroot prompt it only shows the drive itself and no partitions:
Mounting from ufs:/dev/ada0s1a failed with error 19
mountroot> ?
[...]
ada0
• Escape to a loader prompt during bootup and run:
set kern.geom.raid.enable="0"
boot
• After a successful install/boot, add that settings permanently to /boot/loader.conf.local:
kern.geom.raid.enable="0"
END
On another PC I would get a mountroot error message while booting off the live CD on a USB attached CD rom.
Booting from USB
• If the boot stops with a mountroot error while booting off the live CD, usually with USB CD/DVD drives, escape to the loader prompt and run the following:
set kern.cam.boot_delay="10000"
boot
• On 2.0 this is on the boot menu - option #3 to boot from USB devices.
At which point the boot will continue normally and a normal installation will be possible.
If running permanently from a medium that requires this delay, edit /boot/loader.conf.local and insert the following line:
kern.cam.boot_delay="10000"
• If booting fails from a USB 3.0 port and the above does not help, try a USB 2.0 port with the same delay settings.
END
Subscribe to:
Posts (Atom)