With the development of the Internet, more and more small and medium-sized enterprises need to set up a simple LAN so that internal staff can access the Internet and so that basic Internet usage can be managed. Linux is not only usable as a gateway server; it is also open-source and free, and can publish web sites at no cost.
1. Build the required environment
CentOS 5.3 64-bit system with two NICs; an activated ADSL dial-up account and password, and other preliminary work. The company's simple topology is as follows:
2. Formal Configuration
Connect the company's internal LAN according to the topology. Here we only configure the Linux gateway server, as shown below:

To give the company's intranet access to the Internet, first make sure the Linux gateway server itself can reach the Internet by configuring PPPoE dial-up. Install the rp-pppoe package:

    yum install rp-pppoe -y

You can also install it with rpm from the installation disc. After installing rp-pppoe, configure the NICs: set eth0 to 192.168.0.1 as the gateway for the company's intranet, and use eth1 as the ADSL dial-up NIC.

Note: for eth0, configure the IP address and subnet mask directly. For eth1, just enable the network adapter without configuring an IP address.
3. Start configuring ADSL dialing
Run this command and configure it as prompted:

    /usr/sbin/adsl-setup

    >>> Enter your PPPoE user name: -- enter the user name of the dial-up account
    >>> Enter the Ethernet interface connected to the ADSL modem For Solaris, this is likely to be something like /dev/hme0. For Linux, it will be ethn, where n is a number. (default eth0): -- enter eth1
    >>> Enter the demand value (default no): -- press Enter to accept the default
    >>> Enter the DNS information here: -- enter the DNS server IP address of the local carrier. If you do not know the IP address, press Enter.
    >>> Please enter your PPPoE password: -- enter the user password
    >>> Please re-enter your Passwd: -- confirm the password
    >>> Choose a type of firewall (0-2): -- enter 2 (masquerading) so that other machines on the LAN can access the Internet
    >>> Accept these settings and adjust configuration files (y/n)? -- enter y to complete the settings

The setup generates a temporary ppp0 NIC, /etc/sysconfig/network-scripts/ifcfg-ppp0.
4. Start a dial-up connection
Run /usr/sbin/adsl-start. If no error is reported, ping g.cn or baidu.com to confirm that the gateway can access the Internet normally. If it cannot, add nameserver 202.106.0.20 to /etc/resolv.conf, or check whether the dial-up is working.

After confirming that the Linux gateway can access the Internet, configure the firewall by adding the following rule:

    -A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE

Enable forwarding:

    echo "1" > /proc/sys/net/ipv4/ip_forward

Restart the firewall:

    /etc/init.d/iptables restart

Then verify Internet access from a client.
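A check to run after the firewall restart, as an added example that is not part of the original article: it reads iptables-save output and verifies that the MASQUERADE rule is limited to 192.168.0.0/24 leaving via ppp0 and that the FORWARD chain only passes LAN-initiated traffic. The DROP policy and the two FORWARD rules in the hardened sample are assumptions of this example; the article itself only adds the NAT rule.

```shell
# Added example, not from the original article. Usage on the gateway:
#   iptables-save | audit_gateway_rules
LAN_NET="192.168.0.0/24"   # LAN range from the article
WAN_IF="ppp0"              # PPPoE interface from the article

audit_gateway_rules() {
    awk -v lan="$LAN_NET" -v wan="$WAN_IF" '
        /^\*/ { table = substr($0, 2) }              # "*nat", "*filter"
        table == "filter" && /^:FORWARD / { policy = $2 }
        table == "filter" && /^-A FORWARD / && /ESTABLISHED/ { est = 1 }
        table == "nat" && /^-A POSTROUTING / && /-j MASQUERADE/ {
            if (index($0, " -s " lan " ") && index($0, " -o " wan " ")) scoped = 1
            else loose = 1                           # NAT not limited to LAN via WAN
        }
        END {
            if (!scoped) { print "FAIL: no MASQUERADE for " lan " via " wan; bad = 1 }
            if (loose)   { print "FAIL: MASQUERADE rule not limited by -s and -o"; bad = 1 }
            if (policy != "DROP") { print "FAIL: FORWARD policy " (policy ? policy : "unset") ", want DROP"; bad = 1 }
            if (!est)    { print "FAIL: FORWARD lacks an ESTABLISHED,RELATED rule"; bad = 1 }
            if (!bad) print "OK"
            exit bad + 0
        }'
}

# Constructed sample: only the rule from the article, forwarding left wide open.
weak_rules() {
    cat <<'EOF'
*nat
-A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT
EOF
}

# Constructed sample: same NAT rule, forwarding limited to LAN-initiated traffic.
hardened_rules() {
    cat <<'EOF'
*nat
-A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o ppp0 -s 192.168.0.0/24 -j ACCEPT
-A FORWARD -i ppp0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}
```

The echo into /proc/sys/net/ipv4/ip_forward does not survive a reboot; setting net.ipv4.ip_forward = 1 in /etc/sysctl.conf makes forwarding persistent.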
5. Summary after configuration
More can be configured in the firewall, such as publishing a web site or FTP, restricting client access by MAC and IP address, restricting a port, and IP redirection. These will be written up later, together with the Squid cache server.