protoplasm72 n00b
Joined: 15 Dec 2005 Posts: 2
Posted: Thu Dec 15, 2005 6:48 pm Post subject: routing problems
I'm using my gentoo box as a router to connect my laptop to the network at work. So the gentoo box is connected to the corporate network and the laptop is connected to the second ethernet port on the linux box. Both machines sit at my desk and I need them to be on their own little private network so the corporate firewall doesn't block communication between them. The problem I'm having is that the laptop (which is running winxp) can't connect to servers in my corporate lan but it does connect to publicly addressable servers.
So for example I can browse the internet or use ftp or ssh to public servers from my laptop but I can't access our corporate email server or any of the other servers I access. The linux box which is directly connected to the corporate network can access all these servers fine though.
My ip address on the linux box from the corporate network is something like 10.1.31.x and my private network addresses are in the 192.168.15.x range. I'm not sure why but the linux box doesn't seem to route the traffic to any address that is on my corporate lan. Some of the server addresses on the corporate lan that I can't access are in the 10.1.x.x range and the 192.168.144.x or 192.168.145.x range.
Here is some relevant routing info from my gentoo box. Does anyone know what I'm doing wrong or can point me in the right direction at least? Thanks.
```
$ iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE all  --  192.168.15.0/24      anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

$ iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere            state INVALID,NEW LOG level warning
DROP       all  --  anywhere             anywhere            state INVALID

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.15.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0        0 lo
0.0.0.0         10.1.31.254     0.0.0.0         UG    0      0        0 eth0
```
eth0 is connected to my corporate lan
eth1 is connected to my laptop
r3tude n00b
Joined: 12 Jan 2005 Posts: 18
Posted: Thu Dec 15, 2005 6:59 pm Post subject:
I'm pretty sure you need a static route for 10.1.31.0, your corporate network's IP range.
Something like this:
```
# route add -net 10.1.31.0/24 dev eth0
```
(Replace eth0 with whichever interface is on the 10.1.31.0 network.)
You will also need to add the static route to a startup script, but I don't know what to suggest for that.
protoplasm72 n00b
Joined: 15 Dec 2005 Posts: 2
Posted: Thu Dec 15, 2005 7:14 pm Post subject:
I've tried adding that and similar routes but it doesn't do it. I believe the rules I have now should be forwarding all traffic not in my private network to the corporate gw at 10.1.31.254. I can tracert from my laptop and it goes through that router when I access the internet, but if I try to tracert a server on my corporate lan it just times out. I can however do a traceroute from my linux box to any of these corporate servers.
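
The routing decision discussed in this thread, as an added example (not code from any poster): a longest-prefix-match lookup over the posted `route -n` table, with and without the suggested 10.1.31.0/24 route. The destination addresses are constructed samples inside the ranges mentioned in the thread, and `lookup` and `compare` are names chosen for this example.

```python
import ipaddress

# Routing table as posted in `route -n`: (destination, genmask, gateway, iface).
POSTED_ROUTES = [
    ("192.168.15.0", "255.255.255.0", "0.0.0.0", "eth1"),
    ("127.0.0.0", "255.0.0.0", "127.0.0.1", "lo"),
    ("0.0.0.0", "0.0.0.0", "10.1.31.254", "eth0"),
]

# The route suggested in the reply: route add -net 10.1.31.0/24 dev eth0
SUGGESTED_ROUTE = ("10.1.31.0", "255.255.255.0", "0.0.0.0", "eth0")

# Constructed sample destinations (not real hosts from the thread).
SAMPLE_DESTINATIONS = [
    "10.1.31.20",      # same subnet as the Linux box's eth0 address
    "10.1.5.10",       # corporate server in 10.1.x.x
    "192.168.144.10",  # corporate server in 192.168.144.x
    "192.168.145.10",  # corporate server in 192.168.145.x
    "192.168.15.2",    # laptop side of the private network
    "198.51.100.7",    # public address (documentation range)
]


def lookup(routes, dst):
    """Return (iface, next_hop) chosen by longest-prefix match, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for dest, mask, gw, iface in routes:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        if addr in net and (best is None or net.prefixlen > best[0]):
            # A 0.0.0.0 gateway means the destination is on-link: no next hop.
            best = (net.prefixlen, iface, None if gw == "0.0.0.0" else gw)
    return None if best is None else best[1:]


def compare(dst):
    """Route chosen with the posted table, then with the suggested route added."""
    before = lookup(POSTED_ROUTES, dst)
    after = lookup(POSTED_ROUTES + [SUGGESTED_ROUTE], dst)
    return before, after


if __name__ == "__main__":
    for dst in SAMPLE_DESTINATIONS:
        before, after = compare(dst)
        print(f"{dst:16} before={before}  after={after}")
```

In this table the corporate and public sample destinations all select the same route (eth0 via 10.1.31.254), with or without the added /24; only 10.1.31.x addresses change, from gatewayed to on-link.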