Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Chiggs on January 07, 2006, 11:22:33 AM
-
Ok i'm using SME 6.0.1 and I'm having problems getting everything talking. I have quite an unusual setup which isn't helping matters:
ADSL ->Linksys WAG54G ---> SME Server ---> LAN (1 PC)
|
|
Wireless Network
The idea of the SME server is to be a file and print server, VPN access and additional security to the LAN. The wireless network clients are only using the internet and for now they can be ignored (although later I'd like to be able to let them use the fileshares and printer too... maybe using MAC authentication?). The SME box is duel celeron with 2 NIC's and software RAID.
I have tried every possible combination of server/gateway but cannot get the SME server to see any further than the router. It can ping the router and gets an IP via DCHP, and it works as a DCHP server to the LAN. The file/print serving works fine. I've also tried swapping the cards used for eth0 and eth1 in the setup.
I can't just port forward on the lynksys because it still needs to serve the wireless network. I don't really want to port forward on the SME box because ideally it should be providing additional security for the LAN.
Any ideas, advice and comments would be greatly appreciated.
Thanks,
Chiggs
PS. I had difficulty signing up to the forums, every time I clicked on 'I am over or exactly 13' it said 'This username is already taken' (this is before I even got the chance to choose a username!
-
ADSL ->Linksys WAG54G ---> SME Server ---> LAN (1 PC)
I'll use allways Class C addresses with netmask 255.255.255.0 and 192.168..x.254 as gateways and 192.168.x.1 as server for LAN, so let's start:
Configure your ADSL with an internet address (DHCP or not) and his LAN interface with 192.168.5.254
you MAY let your ADSL DHCP server turned off.
Configure your Linksys with WAN = 192.168.5.1 and LAN=192.168.7.254
Enable your DHCP on Linksys with 192.168.7.10 start address and a 50 computers range (192.168.7.60 as last or 50 computers).
Default gateway = 192.168.7.254 for any computer on this lan
Configure your SME server with WAN = 192.168.7.1 and LAN=192.168.9.1
Enable your DHCP on SME with 192.168.9.10 start address and 192.168.9.60 as last or 50 computers
Default gateway = 192.168.9.1 for any computer on this lan
I think this way everything should work. If not, please ask for help.
I prefer this way:
ADSL -> Linksys -> SME
+---> 1 PC
+----> WiFi
It's simpler!
Good luck,
Jáder
-
I have tried every possible combination of server/gateway but cannot get the SME server to see any further than the router.
Can you describe what "can't see" means? What are you trying, and what do you see?
-
Can you describe what "can't see" means? What are you trying, and what do you see?
Ok the router is currently 192.168.1.1, which I can ping from the SME server. However trying to ping www.google.com just gets no response, likewise if I try and ping an address on the internet by IP (for example I can't ping my ISPs DNS server). So although I am definately connected to the router ok I have no internet access for the SME or the PC on the LAN.
I prefer this way:
ADSL -> Linksys -> SME
+---> 1 PC
+----> WiFi
It's simpler!
This is how I had it set up originally, which is much simpler :) Unfortunately the Wi-Fi network needs to be completely seperate from the SME server. VPN connections from the internet must only see SME server and the PC on the LAN.
Configure your Linksys with WAN = 192.168.5.1 and LAN=192.168.7.254
I might be completely missing something here but I don't think I can change the WAN address of the Lynksys. I can change the local (LAN) IP address and subnet mask. The WAN (internet) IP is assigned by my ISP. There is no option to change the Wi-Fi IP.
I will be spending today fiddling so I'll keep people informed of any progress :) Thanks for the responses!
Chiggs
-
if you can't see past the router then you have a network config problem.
you haven't given the complete setup so everyone is guessing here.
you should probably put the linksys behind the sme and use linksys as AP.
-
Ok the router is currently 192.168.1.1, which I can ping from the SME server. However trying to ping www.google.com just gets no response, likewise if I try and ping an address on the internet by IP (for example I can't ping my ISPs DNS server). So although I am definately connected to the router ok I have no internet access for the SME or the PC on the LAN.
Check first that the default route on the SME server is correctly configured to point to the linksys. Since the SME server is configured via DHCP, it should be correct, but you should check it ("route -n"). If the default route is wrong, you'll see the symptoms you report.
If the default route is correct, then the problem is in the linksys router or beyond.
You shouldn't, BTW, depend on ping to indicate connectivity. You'll find plenty of websites which will return web pages but won't respond to ping requests. Ditto for DNS servers.
I would recommend this configuration:
Internet --- ADSL modem ----- SME server ----- linksys ----- wireless clients
|
----------- wired clients
-
Much as I'd love to use all of the alternative configs suggested here, the ADSL modem is built into the Linksys (which incidently is absolutely rubbish) so I don't have much flexibility on the way everything is connected. Buying more equipment is also not an option at the moment.
Anyway I'm confident I can get this to work somehow, I need to learn how to use Linux and it's been loads of help reading Howtos. There is definately a problem with the SME config:
[root@einstein root]# route -n
Kernel IP routing table
Destination Gateway Genmask Iface
192.168.65.0 0.0.0.0 255.255.255.0 eth1
192.168.223.0 0.0.0.0 255.255.255.0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 lo
0.0.0.0 0.0.0.0 0.0.0.0 eth1
[root@einstein root]# ifconfig
eth0
inet addr:192.168.223.1
Bcast:192.168.223.255
Mask:255.255.255.0
eth1
inet addr:192.168.65.17
Bcast:192.168.65.255
Mask:255.255.255.0
So everything is being routed to 0.0.0.0? Not ideal.
[root@einstain root]# route add default gw 192.168.1.1 eth1
[root@einstain root]# route -n
Destination Gateway Genmask Iface
192.168.65.0 0.0.0.0 255.255.255.0 eth1
192.168.223.0 0.0.0.0 255.255.255.0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 lo
0.0.0.0 192.168.1.1 0.0.0.0 eth1
0.0.0.0 0.0.0.0 0.0.0.0 eth1
[root@einstain root]# ping www.google.com
PING www.l.google.com (216.239.59.104) from 192.168.65.17: 56 bytes of data
.
64 bytes from 216.239.59.104: icmp_seq=1 ttl=240 time=48.9 ms
64 bytes from 216.239.59.104: icmp_seq=2 ttl=240 time=64.9 ms
64 bytes from 216.239.59.104: icmp_seq=3 ttl=240 time=78.9 ms
etc!
Wooohooooo. Thanks for the help. Now the PC on the LAN can access the net through the SME server, and all the shares still work. Now I just have to figure out VPN and sort out the firewall and filtering.
Chiggs