Topic: Sme as gateway

[floop]

Ive obtained SME 7.0, and used it for a while now.

But when i try to make it gateway, my computers behind the server can't reach the www.

And now the server can't reach the net too.

My connection is like this

DSL
|
|
Router-----Computer
|
|
Server

and i would like it somthing like this:

DSL
|
|
Server
|
Switch---Computer
|
computer

Can't see what i am doing wrong

[del]

Hi floop,

Is your server set to server/gateway mode? I think it will need to be to act as a gateway, maybe wrong but someone will correct me I'm sure  Depending on your router make I would put your server in the dmz so all ports are forwarded to it (here in FL Bellsouth call this IP Pass through). May be you will get more info if you let us know what router you are using and the type of DSL (PPPoE or PPPoA) I believe that PPPoE is supported "out of the box" by SME but not PPPoA This is why I use cable, works like a charm

Regards,
Del

[floop]

Okay, i haven't got anny usernames for my internet connection, got 2 dynamic IP's.

I have alredy tryed the gateway/server setup, but niether does it help.

my router is zyxel prestige 304, a rather old model

my connecion is rather lousy, a 2 mbits down and 128 up, but it'l do fine for now.

my "modem" is a siemens speedstream 4100

My zyxel router is correctet to do a port 80 portforward, but the point in this toppic, is to get rid of the router as it is quit lousy.

- edit -

the connection that i've got is in denmark called broadband, thoug it is a asymetric line, and rather slow. But I think, thoug without knowing that it is register at the ISP by my IP adress or the mac adress from the siemens speedstream.

I can reach the net using no router at all, but my server won't let it throug to my other computers.

[byte]

Moving this topic to the SME Server 7.x forum, it is more appropriate there. Thanks!

[pfloor]

First of all, the 4100 is not a modem.  It is a modem/router combination with NAT built in.  So in your first example you may actually have 2 routers if the 4100 is not bridged.

Is it set up in the default configuration (Router) or have you changed it to "Bridge Mode"?

Do you know your PPPoE username and password?  If not, you may want to find out what they are before you go any further.  If you have to reset the 4100, you may loose this information stored in the 4100.

You state that you have 2 dynamic IP's.  If this is the case, I don't think that SME can use both (someone correct me here if I am mistaken) so you may need to leave the 4100 configured as a router and open the needed ports to the SME server or put the server in the DMZ.

Do you understand how to configure the 4100?  It has a built-in web interface.  Have you accessed the interface yet?

If you know how to use the interface, try the following.

1-Login and click Setup>Host.  Take note of the host IP and Netmask settings. Let's say it is 10.0.0.1/255.255.255.0 for this example.
2-Click Setup>DHCP and disable this.
3-Click Setup>Firewall>DMZ and check "Enable DMZ with host IP address and put 10.0.0.2 in the box.  Also check the radio button to make the setting permenent.

Now log into SME as admin and pick "2-Configure this server"

Step through and make sure you do the following.
1-Set the Internal IP to a different private address like 192.168.0.1.
2-Choose Server/Gateway (dedicated)
3-Choose Static IP and set the external interface to 10.0.0.2 (or whatever is set in the DMZ on the 4100).

Now connect the external interface of the SME to the LAN side of the 4100.

If you only need 1 of the IP addresses then I suggest that you "Bridge" the router and have SME connect directly to the internet but this will be an entirely different setup.  Let me know if you want to try that instead.  SME supports this but I don't know what it will do with 2 IP addresses.  I assume it will just get assigned one IP.

By the way, I got all this info directly from the Siemens web site.  If you don't have the manual you can download it from here http://kb.efficient.com/utility/getfile.asp?rid=5226

[floop]

Erhm - it's not like i'm totaly noob to computers - i just cant see why the server cant find my net.

My speedstream, wich i call a modem - i did because it is acting just like a modem - notise the ' " ' around the word?

i cannot acces this, as it was setup by my isp when i bought the line.

for my dynamic ip's they are not somthing like " 192.168.1.33" or "10.0.0.33" they are more like "88.65.128.75" and are changing when i restart my zyxel router.

If i try to connect the the speadstream by yousing my ip, like" 88.65.128.75 " and substituting the last numbers with a 1 or 0 - I get no reply -and can't ping or what so ever idea i could think of.

- thats the reason i said "modem " about the speedstream

If i had PPPoE I would have to login - just as i did with my last connection, and the one before - but i do not have to!

right now i am actually using both my dynamic ip's - the zyxel router for the server and my laptop got 1 and my mediacenter got one.

But still, the point of this toppic is to avoid the zyxel - i cannot alter or bypass the speadstream, as this is the source of my internet, call it "modem" or not - yet it is still acting like one.

- edit - sorry for the langauge in the start of the reply, this whole thning is just getting to my nerves.

also notice in the siemens manual - "web based http configuration of your PPPoE - PPPoE Routers and modems only "
That is why i cant acess this "modem"

[meanpenguin]

Hi,

It would help if you can have your network diagram with IP addresses as well .

SBC/New ATT remembers the MAC of the computer and needs some times to timeout.  

To verify,
get your two workstations working on the net.  
then switch one of the cables to a third computer and see it can access the net.  
Switch the cable back to the original computer.

If the third computer did not work then you need to let one of the "dynamic" leases to expire.  I'm not sure if "ipconfig /release" would help or not.

Edward

[floop]

I did what you said, but it dosn't get me much further - my server can reach the net, but nothing behind the server can reach the www - thoug i can enter the server in anny thinkable way.

my setup is like this with ip's

Siemens
|
|  (remote ip from siemens)
Server
|  192.168.1.2
|
|
pc (192.168.1.30)

I set the server up to give the other computers ip's in range 30-100

The PC can't reach WWW but the server internettest is passed, and torrentflux can reach the web. but all i get when trying from the pc is "server timed out"!

Help?

[kruhm]

The EXTERNAL ip and the INTERNAL ip can't be on the same network. This is why the SME can reach but nothing behind it can't.

It looks like the:
EXTERNAL is 192.168.1.1
INTERNAL is 192.168.1.2

We don't know the external because you didn't list it.

Set the seimens on passthru. The EXTERNAL should be picked up by the DHCP from the ISP not the SEIMENS.

[floop]

Nope - it's just not that easy!

the external ip is just as external as anny other dynamic ip.

its like : 87.134.23.52 or so - very external?

while my local ip is 192.168.1.X like you say

I can do annything with my laptop and other computers, place them annywhere, except behind the server, where i want them to be.

the server just wont act gateway - even thoug it is installed as one!
the siemens is not acting router - its a modem of some kind, thoug still passing throug a external ip.

[idp_qbn]

When you log in to your SME, can you:
1) do an ifconfig and see the RED (external) IP address?
Should be listed under eth1
eth0 should be your GREEN (internal IP)

2) ping the modem and get a reply.
Sometimes the modems are x.y.z.0, sometimes x.y.z.1 but just to make life interesting, some manufacturers use x.y.z.something_else.

So, you could try pinging from x.y.z.240 onwards.
And just to make it even harder, sometimes they set it to not answer "ping"

3) try to ping an external address and see if you get a reply. Try www.bigpond.com (Australia's biggest ISP)

If you can ping the zyxel and ping the outside world, then it definitely is your SME setup. Another possibility is that you have a local proxy server set as manadatory on your SME and need to either set it "off" or configure your workstations to use it. (I can't help you with this, because I use SME as SERVER only and use IPCOP as gateway)

Cheers
Ian