Red Hat Networking - Routing Issue


Author Routing Issue
Michael B. Smith

2004-01-23, 7:35 pm

Okay, this might get a little complicated in the telling, but here goes.
I have 2 different external network drops, one of which has multiple IPs,
the other of which is a cable modem with a single IP.
I want to put a box with 2 network interfaces (Cobalt Qube 3) between the
two so that I can use it as an ftp and http proxy from the network with
multiple IPs, allowing those users to select that connection and force data
through the cable modem rather than out straight to the internet.
Complicating the issue are 2 small Linksys routers in front of each end of
the interface to keep out unwanted guests.
SOOOO..... diagrammatically, I have:

Internal Network
|
FireWall
|
External Switch --- Router #1 --- Qube 3 --- Router #2 --- Cable Modem --- INTERNET
|
INTERNET


The current configuration is:
Router #1: (t-1 side)
WAN: xx.xx.163.228
NM: 255.255.255.224
GW: xx.xx.163.225
LAN: 192.168.5.1
Ports Forwarded:21,22,1024-4999 to 192.168.5.2

Qube 3:
eth0: 192.168.5.2
eth1: 192.168.4.2
GW: 192.168.4.1
Static Routes:
all to: xx.xx.163.225/255.255.255.224 gate to 192.168.5.1 on eth1
all to: xx.xx.41.150/255.255.255.0 gate to 192.168.4.1 on eth0

Router #2 (cable modem side)
WAN: xx.xx.41.150
NM: 255.255.255.0
GW: xx.xx.41.1
LAN: 192.168.4.1
Ports Forwarded:21,22,1024-4999 to 192.168.4.2

So, I have the http proxy working fine with Apache 2.x. I am trying to set
up a true FTP proxy so that I can have my users use WS_FTP to connect to the
proxy and have all ftp traffic go out through the cable modem connection. I
can get my ftp client to connect to the proxy and log in to external sites
over the cable modem. The problem comes when the ftp site tries to return
data (directory listing). My client on the internal network never receives
the listing. I can FTP from the Qube through the proxy to an FTP site and
everything is fine, so the data is having trouble getting back through
router #1 and my firewall. I'd rather not open the passive port range
(1024-4999) I am using on the firewall to my internal network. I've tried
both active and passive FTP sessions to no avail. I'd like some suggestions
on what the problem is and how to get around it.

Thanks,
Mike Smith

Please remove the _NO@SPAM_ for replies.
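
Added example, not part of the original post: one way to see which data-channel endpoints are being negotiated is to pull every PORT command and 227 reply out of a control-channel log and compare them with the 1024-4999 range both routers forward. The function names and the sample log lines are constructed for illustration, and a client or proxy log of the control connection is assumed to be available.

```python
import ipaddress
import re

# From the post: both Linksys routers forward 21, 22 and 1024-4999 to the Qube.
FORWARDED_PORTS = range(1024, 5000)
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# RFC 959 encodes a data endpoint as h1,h2,h3,h4,p1,p2 (port = p1*256 + p2).
ENDPOINT_RE = re.compile(r"\b(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\b")

def parse_endpoint(line):
    """Return (ip, port) from a PORT command or a 227 reply, else None."""
    line = line.strip()
    if not (line.upper().startswith("PORT ") or line.startswith("227 ")):
        return None
    m = ENDPOINT_RE.search(line)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ipaddress.ip_address(".".join(map(str, nums[:4]))), nums[4] * 256 + nums[5]

def audit(lines):
    """List (ip, port, findings) for every data endpoint seen in the log."""
    results = []
    for line in lines:
        endpoint = parse_endpoint(line)
        if endpoint is None:
            continue
        ip, port = endpoint
        findings = []
        if any(ip in net for net in RFC1918):
            findings.append("RFC 1918 address advertised")
        if port not in FORWARDED_PORTS:
            findings.append("port outside forwarded range 1024-4999")
        results.append((str(ip), port, findings))
    return results

# Constructed control-channel lines (not captured from the poster's network).
SAMPLE_LOG = [
    "220 proxy ready",
    "227 Entering Passive Mode (192,168,5,2,4,10)",
    "PORT 192,168,4,2,19,136",
    "227 Entering Passive Mode (203,0,113,10,7,208)",
]

if __name__ == "__main__":
    for ip, port, findings in audit(SAMPLE_LOG):
        print(ip, port, "; ".join(findings) or "ok")
```

An endpoint that carries a private address or a port outside the forwarded range is one the peer on the other side of a NAT router cannot open a data connection to as advertised.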



Copyright 2003 - 2008 webservertalk.com