Doni Darmawan
Advisor

IP Masquerade Problem

Hi all,

I have configured my Linux box as a proxy server using the IP masquerade technique and Squid. The client sites use Windows 98 and Windows 2000, and both run Outlook 2000 for email. There is no problem as long as we are just browsing with IE. But our email clients do not run properly when sending and receiving email. It always fails when trying to recognize the POP3 and SMTP server, but it always passes the connection test successfully, which confuses me.
For additional information, our POP3 and SMTP servers are at our ISP's site, and we are using Red Hat Linux 7.2 with kernel version 2.4.7-10, iptables version 1.2.3, and Squid version 2.4.
And I think I have set up the IP configurations on our Windows boxes properly. Has anyone experienced this problem before?
Thanks for all your attention and any kind of help.

benoit Bruckert
Honored Contributor

Re: IP Masquerade Problem

Hi Doni,
Can you try, from a Windows box, to telnet to your ISP on POP3 and SMTP?
On a command line, do:
telnet 110
and
telnet 25

This is to check whether routing is OK, because I think the trouble is there!

Squid is OK, so your connection to the Internet is OK.
But is routing OK? And for masquerading, you have to translate the internal address to a specific port of the public IP of your Linux box.
I don't use masquerade, but hope this will help...
Regards
Benoit
A badly bandaged application ends up as a gauze factory (GHG)
Stuart Browne
Honored Contributor

Re: IP Masquerade Problem

benoit gave some good things to test.

Beyond that, it would be good to check your IPTables Masquerading rules out, and as to whether you've enabled forwarding on your RH7.2 box.

As Squid doesn't need 'forwarding' enabled to work, it's unfortunately not a good test for the remainder of things.

You've not said what kind of connection you are using to the Internet, so whether to use 'Masquerading' (which is primarily designed for PPP Dial-up connections, with dynamic IP addresses) or to use 'NAT' (Network Address Translation) is hard to say.

Either way, it would make helping you easier if you were able to provide the output of the command:
iptables -t nat -v -n -L

One long-haired git at your service...
Doni Darmawan
Advisor

Re: IP Masquerade Problem

Thanks Benoit and Stuart,
I appreciate your help.

Could you give me a more detailed technique for how to translate the internal address to a specific port of the public IP? I have never done it before because I'm a newbie in Linux. I configured our masquerading step by step following the "HOW-TO IPMasquerade" article at http://ipmasq.cjb.net.
I have also already tested the connection from my Windows boxes as Benoit said, and it runs properly.

And for Stuart, we use a PPP dial-up connection.

Regards,

Doni
Stuart Browne
Honored Contributor

Re: IP Masquerade Problem

IPTables URLs:
http://www.iptables.org/documentation/HOWTO//NAT-HOWTO.txt
This one is excellent, and informs you how to set up exactly what you are asking.

http://www.iptables.org/documentation/index.html#FAQ
This is just the list of FAQs available regarding IPTables. They are most informative, and interesting, but not necessary reading.


Summary:
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

should be what you need.
One long-haired git at your service...
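The two checks Stuart describes in his replies above (forwarding enabled on the box, and a MASQUERADE rule on the outgoing interface), as an added example that is not part of the original thread. The function names and the sample ruleset are constructed for illustration, and the rules are read in `iptables-save` format.

```shell
#!/bin/sh
# Added example: why proxied browsing can work while direct POP3/SMTP fails.
# Squid relays HTTP itself; mail clients need the kernel to forward and NAT.
# Live use (as root):
#   diagnose "$(cat /proc/sys/net/ipv4/ip_forward)" "$(iptables-save -t nat)" ppp0

# forwarding_enabled VALUE: succeeds when VALUE (content of ip_forward) is 1.
forwarding_enabled() {
    [ "$(printf '%s' "$1" | tr -d '[:space:]')" = "1" ]
}

# has_masquerade RULES IFACE: succeeds when the nat table in iptables-save
# text RULES has a POSTROUTING MASQUERADE rule that covers interface IFACE.
has_masquerade() {
    printf '%s\n' "$1" | awk -v ifc="$2" '
        /^\*/ { table = $1 }                 # "*nat", "*filter", ...
        table == "*nat" && $1 == "-A" && $2 == "POSTROUTING" {
            out = ""; jump = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-o") out = $(i + 1)
                if ($i == "-j") jump = $(i + 1)
            }
            # A rule with no -o applies to every outgoing interface.
            if (jump == "MASQUERADE" && (out == ifc || out == "")) found = 1
        }
        END { exit found ? 0 : 1 }'
}

# diagnose IP_FORWARD RULES IFACE: prints forwarding-off, no-masquerade or ok.
diagnose() {
    if ! forwarding_enabled "$1"; then echo "forwarding-off"
    elif ! has_masquerade "$2" "$3"; then echo "no-masquerade"
    else echo "ok"
    fi
}

# Constructed sample: a nat table holding only the rule from the post above.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT'

diagnose 0 "$SAMPLE_RULES" ppp0   # rule present, kernel not forwarding
diagnose 1 "$SAMPLE_RULES" eth0   # forwarding on, rule is for another interface
diagnose 1 "$SAMPLE_RULES" ppp0   # both conditions met
```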
Doni Darmawan
Advisor

Re: IP Masquerade Problem

Thanks for your information Stuart,

I typed the command as you informed me, but there is no result. Should I reconfigure our Linux box again?

Rgrds,

Doni
benoit Bruckert
Honored Contributor

Re: IP Masquerade Problem

Hi Doni,
Can you check that iptables/firewall is configured in your kernel?
If not, make a new one with these features.
If you get no answer from the iptables command, maybe that's the reason!

Regards
Benoit
A badly bandaged application ends up as a gauze factory (GHG)
Doni Darmawan
Advisor

Re: IP Masquerade Problem

Hi Benoit,

I assume that my iptables works fine. If I type the command "iptables -L", then the iptables ruleset appears on my screen.
I set up the iptables firewall using the file rc.firewall that I downloaded from http://ipmasq.cjb.net. And our clients can also resolve URLs with no problem.
benoit Bruckert
Honored Contributor

Re: IP Masquerade Problem

Well,
routing seems OK because you can telnet; for firewalling I don't know!
Do you have any logs from the Linux box which may help us check whether your ISP tries to open a specific port to send back information (in /var/log or something like that...)?
Any information from the Windows box (error messages when you try to connect to SMTP or POP3) could also be useful...
A badly bandaged application ends up as a gauze factory (GHG)
Doni Darmawan
Advisor

Re: IP Masquerade Problem

Thanks Benoit and Stuart for your exciting additional information and for your time.

At last we could solve it. The main possibility for the problem (I'm not sure) is IP aliasing for its routing. When we plugged in an additional Ethernet card and assigned its IP (IP aliasing was moved down), our POP3 and SMTP services for our Windows boxes ran correctly.

Regards,

Doni