IP-forwarding problem on PPP dial-in

Hi,
I would like to use a RedHat 7.2 as a dial-in server (192.168.0.177). The 192.168.0.177 box connects to a DSL hardware router (192.168.0.1) for Internet access.

The dial-in server box (192.168.0.177) connects to the
Internet without a problem.

I have set up the dial-in server and I can connect to
it with an other RedHat box, using PPP.
During PPP I assign to the dial-in box the IP 192.168.0.178.

Once the connection is up, from 192.168.0.178 I can
ping 192.168.0.177, I can ssh there, etc.

What should I do in order to be able to ping the
router (192.168.0.1) and go to the Internet from
192.1168.0.178?

I have created /etc/ppp/ip-up.local:

ipchains -A forward -s 192.168.0.177 -d 0/0 -j MASQ
echo 1 > /proc/sys/net/ipv4/ip_forward
exit 0


Unfortunately it does not solve the problem,
when I am pinging the router (192.168.0.1) from the
dial-in box (192.168.0.178) I am getting the message:

From 192.168.0.178: Destination host unreachable

#netstat -nr on the dial-in server (192.168.0.177):

Destination Gateway Genmask Flags
Iface
192.168.0.178 0.0.0.0 255.255.255.255 UH ppp0
192.168.0.0 0.0.0.0 255.255.255.0 U eth0
127.0.0.0 0.0.0.0. 255.0.0.0 U lo
0.0.0.0 192.168.0.1 0.0.0.0 UG eth0

ifconfig on the dial-in server (192.168.0.177):

eth0
inet addr: 192.168.0.177 Bcast:192.168.0.255
Mask:255.255.255.0

ppp0
inet addr: 192.168.0.177 P-t-P:192.168.0.178 Mask:
255.255.255.255

I have seen a reference to firewallss in
/etc/rc.d/init.d, but it complains about not finding
/etc/sysconfig/cipe.

I have cipe installed on the dial-in box, however I do
not have 2 network card there, only one. I would like
to enable IP forwarding between 192.168.0.177 ethernet
and the PPP link.

I have found /etc/ppp/firewall-masq script I have run
it, but still no luck.

Any help is appreciated.

Art

http://www.swcp.com/~jgentry/pers.html

I do not know which parts is wrong, in 98 SE the connection is ok until
the
check authentication and it breaks out. winipcfg does not show it has
given
an ip address .
the home server is connected a zoom modem and a dedicated Rh 7.2 is used.

the following is my setting:

/etc/inittab

S0:2345:respawn:/sbin/mgetty ttyS0 -D /dev/ttyS0
/etc/ppp/options.ttyS0

auth -chap +pap login modem crtscts debug proxyarp lock
#ms-dns 192.168.1.150
ms-dns xxx.255.144.77
# the first IP from left to right is the the IP addres of the server
# the second ip is the ip address assigned to the serial port for ppp
connections

192.168.1.80:192.168.1.200
#192.168.1.120
~
/etc/ppp/pap-secrets
#user server secret addrs
* * " " *
sally * - *
root * - *

#mtu 576
#mru 512
auth -chap +pap login modem crtscts debug proxyarp lock
ms-dns xxx. some ISP' DNS IP here
ms-dns yyy. some ISP' DNSIP here

/var/log/mgetty.log.ttyS0

--
07/02 08:05:53 yS0 mgetty: experimental test release 1.1.26-Apr16
07/02 08:05:53 yS0 check for lockfiles
07/02 08:05:53 yS0 locking the line
07/02 08:05:53 yS0 lowering DTR to reset Modem
07/02 08:05:54 yS0 send: \dATQ0V1H0[0d]
07/02 08:05:54 yS0 waiting for ``OK'' ** found **
07/02 08:05:54 yS0 send: ATS0=0Q0&D3&C1[0d]
07/02 08:05:54 yS0 waiting for ``OK'' ** found **
07/02 08:05:55 yS0 waiting...
07/02 08:06:44 yS0 wfr: waiting for ``RING''
07/02 08:06:44 yS0 send: ATA[0d]
07/02 08:06:44 yS0 waiting for ``CONNECT'' ** found **
07/02 08:07:05 yS0 send:
07/02 08:07:05 yS0 waiting for ``_'' ** found **
07/02 08:07:25 ##### data dev=ttyS0, pid=1688, aller='none',
conn='57600',
name='', cmd='/bin/login', user='sally'

--
07/02 08:08:44 yS0 mgetty: experimental test release 1.1.26-Apr16
07/02 08:08:44 yS0 check for lockfiles
07/02 08:08:44 yS0 locking the line
07/02 08:08:44 yS0 lowering DTR to reset Modem
07/02 08:08:45 yS0 clean_line: only 500 of 1390 bytes logged
07/02 08:08:45 yS0 send: \dATQ0V1H0[0d]
07/02 08:08:45 yS0 waiting for ``OK'' ** found **
07/02 08:08:45 yS0 send: ATS0=0Q0&D3&C1[0d]
07/02 08:08:45 yS0 waiting for ``OK'' ** found **
07/02 08:08:46 yS0 waiting...
07/02 08:09:06 yS0 wfr: waiting for ``RING''
07/02 08:09:06 yS0 send: ATA[0d]
07/02 08:09:06 yS0 waiting for ``CONNECT'' ** found **
07/02 08:09:26 yS0 send:
07/02 08:09:26 yS0 waiting for ``_'' ** found **
07/02 08:09:30 ##### data dev=ttyS0, pid=1967, caller='none',
conn='57600',
name='', cmd='/bin/login', user='sally'

--
07/02 08:10:04 yS0 mgetty: experimental test release 1.1.26-Apr16
07/02 08:10:04 yS0 check for lockfiles
07/02 08:10:04 yS0 locking the line
07/02 08:10:04 yS0 lowering DTR to reset Modem
07/02 08:10:05 yS0 send: \dATQ0V1H0[0d]
07/02 08:10:06 yS0 waiting for ``OK'' ** found **
07/02 08:10:06 yS0 send: ATS0=0Q0&D3&C1[0d]
07/02 08:10:06 yS0 waiting for ``OK'' ** found **
07/02 08:10:06 yS0 waiting...

I have created a user called ppp with out password

ppp:x:351:230ppclient:/home/ppp:/usr/sbin/pppd




/etc/mgetty+sendfax/mgetty.config
port ttyS0
speed 57600

login.config
/AutoPPP/ - - /usr/sbin/pppd file /etc/ppp/options.server


I used "sally" and provide a password in the dial screen in 98 SE, it
dials
out and bring up a small screen as a normal login in linux, type in sally
and password, it does not allow me to use /usr/sbin/pppd/ then I have to
use
"su root" , execute /usr/sbin/pppd, all grabages characters, F7 to
continue,
then the login process breaks out.


would u please assist me and point me what is wrong here?

Art -

I'm not certain that this is the cause of your problem but try putting the ppp0 interface of your dial-in server and the dial-in client on a different subnet from your router. You may be having routing issues. Try changing the ip address of the dial-in server to 192.168.1.177 and that of the dial-in client to 192.168.1.178 or something like that.

jaa

any luck

since your dial-up and your router are on the same subnet, you don´t need masquerading.

ipchains -A forward -s 192.168.0.177 -d 0/0 -j ACCEPT

this should do the job (additionally to the echo "1" > ....)

... should source ip not be the dialup´s REMOTE ip? (from your dialup-SERVER point of view, i.e. the .178) not sure though...

why not setup general forwarding? (since you are on private IP network anyway) then it will route anything it knows a route for.

ipchains -P forward ACCEPT