Re: ssh connection is not allowed in NAT, SUSE 9.2

Thank you guys for your replies. I got the problem. It
was because of the second network interface. Somehow the
second NIC is not working (functioning), and when I try
to bring it up, it stays down.
Now the question is: what can be happening with the second
NIC?

Thanks in advance.

Fatih TURKMEN
 
--- Jörg Harmuth <harmuth@xxxxxxxxx> wrote:

> Fatih TURKMEN wrote:
> > Hi everybody,
> > I am trying to create a small NAT network on SUSE 9.2
> > computers. I don't know what is missing in my iptables
> > policy, but I have added three rules for SNAT:
> >
> > 1) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> > 2) iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
> > 3) iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
> >
> > I stopped the firewalls on the local computers and installed
> > ssh server/client on all computers. I can ssh to local
> > machines from locals. But I can't ssh to the NAT
> > server. Also, I can only ping one computer from the NAT
> > server.
> > When I try to ssh to local clients from the NAT server, I
> > get either "No route to host" or "Connection refused",
> > although I stopped the firewalls on the locals and set the NAT
> > server as the default gateway for the local clients.
> 
> Would you mind providing the full ruleset of your NAT box? Preferably
> the output of iptables-save? A description of your network layout could
> be helpful too (networks, NICs, ...). As there is "No route to host", the
> routing table could give some enlightenment. There are at least two
> interfaces, so: is IP forwarding enabled? What does
>
> netstat -tulpn | grep ':22'
>
> give on the respective boxes? When trying to connect via SSH to no
> avail, what does
>
> tcpdump -ni <respective_interface>
>
> give (try reducing other traffic)? Questions over questions :)
>
> Have a nice time,
>
> Joerg
> 
> 
> 
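The cause reported in this thread (a rule interface that stays down) can be caught by cross-checking the interfaces named in the ruleset against link state. The script below is an added example, not part of either post; the function names and both sample inputs are constructed, and it assumes plain `-i`/`-o` interface names without wildcards or negation.

```shell
#!/bin/sh
# Added example: flag interfaces used in iptables rules that are missing or down.

# Constructed sample: the three rules from the post, in iptables-save form.
SAMPLE_RULES='*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT'

# Constructed sample of `ip -o link show`: eth1 has no UP flag.
SAMPLE_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000'

# Print every interface named after -i or -o in the rules, sorted and unique.
rule_ifaces() {
  printf '%s\n' "$1" | awk '
    /^-A / {
      for (i = 1; i < NF; i++) {
        if ($i == "-i" || $i == "-o") { seen[$(i + 1)] = 1 }
      }
    }
    END { for (n in seen) print n }' | sort
}

# For each rule interface, report "missing" (not in the link list) or
# "down" (present but without the administrative UP flag).
down_rule_ifaces() (
  rules=$1
  links=$2
  for ifc in $(rule_ifaces "$rules"); do
    flags=$(printf '%s\n' "$links" |
      awk -v n="$ifc:" '$2 == n { gsub(/[<>]/, "", $3); print $3 }')
    case ",$flags," in
      ,,)     echo "$ifc missing" ;;
      *,UP,*) ;;
      *)      echo "$ifc down" ;;
    esac
  done
)

# Live use on the NAT box: down_rule_ifaces "$(iptables-save)" "$(ip -o link show)"
down_rule_ifaces "$SAMPLE_RULES" "$SAMPLE_LINKS"
```

An empty result means every interface the rules depend on is administratively up; it does not show that IP forwarding is enabled or that routes exist.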



