[ZendTo] {Disarmed} Re: Multi-homed install

Dave Jones dave at jonesol.com
Sun Sep 25 13:14:01 BST 2011


The external return traffic is not going the right direction.  Put your
default gateway on eth1 and setup static routes on eth2 for any internal
networks that aren't on the 192.168.101.0/24 subnet.

On Sun, Sep 25, 2011 at 5:41 AM, Paul Harrington
<Paul.Harrington at nmni.com>wrote:

> Hi there,
>
> I have a ZendTo Ubuntu VM installed with one nic connected to the internal
> network so it can authenticate internal users on our AD, I then have the
> other nic on the public IP so that it is available from the internet.
>
> I need to ensure requests sent through the public IP are returned via that
> nic, and not that on the internal nic.
>
> At the moment, my configuration is as follows, which works for the most,
> but the box cannot access the internet and therefore cannot send the entry
> to the reCAPTCHA servers, and apt-get update just times out. I cannot ping
> 8.8.8.8 etc either
>
> The eth1 address is on our DMZ and is mapped to a public IP by our
> firewall. If I put the gateway on the LAN nic, the box can access the
> internet, but then it is no longer reachable externally.
>
> iface eth2 inet static
> address 192.168.101.13
> netmask 255.255.255.0
> network 192.168.101.0
> dns-nameservers 192.168.101.249 192.168.101.226 8.8.8.8
> post-up route add -net 192.168.0.0 netmask 255.255.0.0 gw 192.168.101.254
> pre-down route del -net 192.168.0.0 netmask 255.255.0.0 gw 192.168.101.254
>
> iface eth1 inet static
> address 172.16.1.3
> netmask 255.255.255.0
> network 172.16.1.0
> gateway 172.16.1.254
>
>
> Paul Harrington
> ICT Officer
>
> National Museums Northern Ireland
> Cultra, Holywood, Co. Down, BT18 0EU
>
> T - 028 9039 5281
> E - paul.harrington at nmni.com
>
> [http://www.nmni.com/images/nationalmuseumslogo.gif]
> www.nmni.com<http://www.nmni.com>
>
>
>
> This message contains confidential information and is intended only for
> zendto at zend.to. If you are not one of the intended recipients, you should
> not disseminate, distribute or copy this e-mail. Please notify
> paul.harrington at nmni.com immediately by e-mail if you have received this
> e-mail by mistake and delete this e-mail from your system. E-mail
> transmission cannot be guaranteed to be secure or error-free as information
> could be intercepted, corrupted, lost, destroyed, arrive late or incomplete,
> or contain viruses. Paul Harrington therefore does not accept liability for
> any errors or omissions in the contents of this message, which arise as a
> result of e-mail transmission. If verification is required please request a
> hard-copy version.
>
> Please consider the environment before printing this email.
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110925/8321ffee/attachment.html 


More information about the ZendTo mailing list