Detailed configuration of Linux as a gateway (NAT)

Source: Internet
Author: User

Detailed configuration of Linux as an enterprise gateway (NAT)

Recently the company's aging router has been causing internet interruptions; lately the network dropped once every half hour, which gave me a headache. In keeping with the company's aim of saving costs, I decided to build a CentOS gateway router. After searching online and piecing things together, I finally got the gateway working. I could not find a complete document describing CentOS gateway routing, so I decided to share my experience of this deployment with everyone.

My environment is this:

The fixed external IPs are 180.159.110.130 (company website and mail) and 180.159.110.127 (VPN).

The gateway's eth0 IP is 180.159.110.130 and the eth1 intranet port IP is 192.168.200.1. eth1 connects to a Panabit network behavior management device, which then connects to the layer-3 switch; the layer-3 switch's IP facing the CentOS gateway's eth1 port is 192.168.200.254. The mail server's intranet IP is 192.168.20.12 and the VPN's intranet IP is 192.168.20.127.

System: CentOS 6.5 minimal install

Network cards: eth0 faces the external network, eth1 faces the intranet

The topology is as follows:

The deployment steps are as follows:

1. Configure the eth0 network card as follows:

# /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=14:dd:a9:e4:cf:32
TYPE=Ethernet
UUID=d60cfc7d-d34b-4e87-bce6-9fa216b8aee6
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=180.159.110.130
NETMASK=255.255.255.0
GATEWAY=180.159.110.225

Configure the eth0:1 interface as follows:

# /etc/sysconfig/network-scripts/ifcfg-eth0:1
DEVICE=eth0:1
HWADDR=14:dd:a9:e4:cf:32
TYPE=Ethernet
UUID=d60cfc7d-d34b-4e87-bce6-9fa216b8aee6
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=180.159.110.127
NETMASK=255.255.255.0
GATEWAY=180.159.110.225

2. Configure the eth1 network card as follows:

# /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=00:e0:4c:81:23:11
TYPE=Ethernet
UUID=01b13968-0049-4778-b2ae-ae18b81b8722
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.200.1
NETMASK=255.255.255.0

3. Add routes:

Edit the /etc/sysconfig/network-scripts/route-eth1 file with the following content:

192.168.0.0/16 via 192.168.200.254

This means that hosts in all of the intranet's 192.168.0.0 network segments are reached from the gateway via 192.168.200.254. Because I have a lot of network segments here, I use a 16-bit mask.

To view the routing table:

The entries marked with the red line are the external network addresses.

4. Enable packet forwarding so the gateway can route and NAT between the internal and external networks:

Modify the /etc/sysctl.conf file so that packet forwarding takes effect automatically when the system starts:
# Controls IP packet forwarding
net.ipv4.ip_forward = 1

5. Configure iptables:

Edit the /etc/sysconfig/iptables file:
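
The page does not show the file's contents. The script below is an added example, not the author's ruleset: it prints an iptables-restore file matching the interfaces and addresses given above, with a default-drop FORWARD policy. The published ports (TCP 25, 110, 143 for mail, UDP 1194 for the VPN) and SSH on port 22 are assumptions.

```shell
#!/bin/sh
# Added example (not the author's file): prints an /etc/sysconfig/iptables
# ruleset for the gateway described on this page. Interfaces and addresses
# come from the page; the ports are ASSUMPTIONS to adjust for your services.
WAN_IF=eth0; LAN_IF=eth1
WAN_IP=180.159.110.130      # website and mail public IP (from the page)
VPN_IP=180.159.110.127      # eth0:1 alias (from the page)
LAN_NET=192.168.0.0/16      # same range as route-eth1
MAIL_HOST=192.168.20.12     # mail server intranet IP (from the page)
VPN_HOST=192.168.20.127     # VPN server intranet IP (from the page)
MAIL_PORTS=25,110,143       # assumed: SMTP, POP3, IMAP
VPN_PORT=1194               # assumed: UDP port of the VPN service

gen_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Inbound: publish mail and VPN on their public addresses
-A PREROUTING -i $WAN_IF -d $WAN_IP -p tcp -m multiport --dports $MAIL_PORTS -j DNAT --to-destination $MAIL_HOST
-A PREROUTING -i $WAN_IF -d $VPN_IP -p udp --dport $VPN_PORT -j DNAT --to-destination $VPN_HOST
# Outbound: translate intranet sources to the fixed public address
-A POSTROUTING -s $LAN_NET -o $WAN_IF -j SNAT --to-source $WAN_IP
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
# Administration only from the intranet side (assumed SSH on port 22)
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
# From outside, only the published services may open new connections
-A FORWARD -i $WAN_IF -o $LAN_IF -d $MAIL_HOST -p tcp -m multiport --dports $MAIL_PORTS -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN_IF -d $VPN_HOST -p udp --dport $VPN_PORT -j ACCEPT
COMMIT
EOF
}

gen_rules
```

Check the output with iptables-restore --test before saving it as /etc/sysconfig/iptables.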

6. Enable iptables at boot

chkconfig iptables on

reboot

At this point, the work of setting up CentOS as a gateway router is basically complete; any other firewall policies can be added separately afterwards.

       
