Hi, > try next: > - Put d-link ADSL as "modem" > - Make PPPoE call under Linux Yes I've already tried this - that's my current configuration since one week;) But I want to understand why it's not possible to use the D-Link as a router, and for what kind of problem the tcpdump results stand for. Ralph > > > > -> > -> Hi, > -> > -> I have the shown (end of this post) net work configuration. > -> > -> In a "few" words: My Debian Sarge server is connected to a D-Link ADSL > -> Router (DSL-562T). DMZ is enabled for the Debian Sarge IP on the Router. > -> > -> My Linux server has two NIC's. > -> ethlan = internal Net > -> ethdsl = external -> D-Link > -> > -> My Linux server is configured to make NAT via iptables. > -> > -> Current state - what's working: > -> - Access from internal LAN to Internet is working (http, https, ftp, etc) > -> - Access inside the LAN is working > -> - Access inside the LAN to the linux server is working (http, https, > -> IMAP and SSH) > -> - Access from outside the LAN (from internet) to the Linux server is > -> working for https, IMAP and SSH > -> > -> ***BUT***: > -> Same Problem simular for SSH, https and IMAP: > -> On an internet browser inside the lan I can't access the webserver on > -> the Linux Server when I enter the external URL of the Linux server > -> (dynDNS domain name). > -> The https-page won't be opened. A simple ping to the linux server with > -> the same dynDSN domain name works. Trying to enter the external IP of > -> the linux server in the browser also won't work. > -> The page won't be opened in the browser. > -> > -> Die Seite wird im Browser dann nicht geöffnet. > -> Via telnet auf https ider ssh oder IMAP wird ebenso keine Verbindung > -> aufgebaut, wenn ich als Ziel den dynDSN Domainnamen angebe. > -> Wie gesagt, gebe ich statt des dynDNS Domainnamens den lokalen Namen > -> oder die lokale IP ein, dann geht es. > -> > -> iptables schould log dropped pakets. But there aren't any > -> dropped packets. > -> Ifconfig also does not show any errors (dropped packets) for ethlan / > -> ethdsl. > -> > -> So I've tried to understand what tcpdumd shows for port 443. But I'm > -> bound to say that I'm absolutety not firm with tcpdump. > -> Here's what tcpdump shows: > -> > -> > -> tcpdump for port 443: > -> Not working access from inside the lan to the servers external Name / > -> the servers external IP: > -> => no connection > -> ==================================== > -> p54BE15A1.dip0.t-ipconnect.de.https: S 1859848764:1859848764(0) win > -> 65535 <mss 1260,nop,nop,sackOK> > -> 18:43:41.477631 IP lp-java.linkpool.3491 > > -> p54BE15A1.dip0.t-ipconnect.de.https: S 1859848764:1859848764(0) win > -> 65535 <mss 1260,nop,nop,sackOK> > -> 18:43:41.479358 IP p54BE15A1.dip0.t-ipconnect.de.https > > -> lp-java.linkpool.3491: R 0:0(0) ack 1859848765 win 0 > -> 18:43:41.967525 IP lp-java.linkpool.3491 > > -> p54BE15A1.dip0.t-ipconnect.de.https: S 1859848764:1859848764(0) win > -> 65535 <mss 1260,nop,nop,sackOK> > -> 18:43:41.969239 IP p54BE15A1.dip0.t-ipconnect.de.https > > -> lp-java.linkpool.3491: R 0:0(0) ack 1 win 0 > -> 18:43:42.468301 IP lp-java.linkpool.3491 > > -> p54BE15A1.dip0.t-ipconnect.de.https: S 1859848764:1859848764(0) win > -> 65535 <mss 1260,nop,nop,sackOK> > -> 18:43:42.470116 IP p54BE15A1.dip0.t-ipconnect.de.https > > -> lp-java.linkpool.3491: R 0:0(0) ack 1 win 0 > -> > -> > -> tcpdump for port 443: > -> WORKING access from inside the lan to the servers INTERNAL Name / the > -> servers INTERNAL IP: > -> => Successful connection > -> ==================================== > -> 18:45:38.773997 IP lp-java.linkpool.3492 > lp-komodo.LINKPOOL.https: S > -> 1505679381:1505679381(0) win 65535 <mss 1260,nop,nop,sackOK> > -> 18:45:38.774478 IP lp-komodo.LINKPOOL.https > lp-java.linkpool.3492: S > -> 189223170:189223170(0) ack 1505679382 win 5840 <mss 1460,nop,nop,sackOK> > -> 18:45:38.774062 IP lp-java.linkpool.3492 > lp-komodo.LINKPOOL.https: . > -> ack 1 win 65535 > -> 18:45:38.774608 IP lp-java.linkpool.3492 > lp-komodo.LINKPOOL.https: P > -> 1:106(105) ack 1 win 65535 > -> 18:45:38.774660 IP lp-komodo.LINKPOOL.https > lp-java.linkpool.3492: . > -> ack 106 win 5840 > -> 18:45:38.813185 IP lp-komodo.LINKPOOL.https > lp-java.linkpool.3492: P > -> 1:1055(1054) ack 106 win 5840 > -> 18:45:38.927284 IP lp-java.linkpool.3492 > lp-komodo.LINKPOOL.https: . > -> ack 1055 win 64481 > -> > -> Is there any one who can interpret those results? Are these enough > -> informations to see where the problem may ve? > -> Wrong Routing? Linux server iptables problem? Problem inside the D-Link > -> Router? > -> Any suggestions are welcome! > -> > -> Internet > -> | > -> DSL > -> | > -> | > -> D-Link DSL-562T > -> 192.168.200.5 > -> | > -> | > -> ------------------------------------ > -> | Dev=ethdsl Linux Server | > -> | 192.168.200.2 lp-komodo | > -> | | | > -> | route + iptables | > -> | | | > -> | 192.168.240.2 | > -> | Dev=ethlan | > -> |----------------------------------- > -> | > -> | > -> Switch 10/100/1000 > -> | > -> | > -> ------------------------------------ > -> |Dev=LAN Windows Client | > -> | XP Pro SP2 | > -> |192.168.240.010 lp-java | > -> | | > -> -----------------------------------| > -> > -> > -> Regards, > -> > -> Ralph > -> > -> _______________________________________________ > -> LARTC mailing list > -> LARTC@xxxxxxxxxxxxxxx > -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
