LinuxMCE Forums

General => Users => Topic started by: KingCrab on August 15, 2007, 01:47:56 pm

Title: Client access to dsl connection problem
Post by: KingCrab on August 15, 2007, 01:47:56 pm
Hi,

I've a big problem getting my clients connected to the internet over dsl. What I have so far is a working dsl connection on external side (pppoeconf and pon dsl-provider). I changed the mysql entry describing the network devices and I can see the ppp0 connection details on web-admin/network. But none of my clients is able to reach the outside world. The firewall rules are untouched.

Hope anyone could help me solving this. Thanks in advance,
KingCrab
Title: Re: Client access to dsl connection problem
Post by: Zaerc on August 15, 2007, 03:58:40 pm
I think the problem is that the firewall rules need to be adjusted slightly:
Code: [Select]
# iptables -L -v -n -t nat
Chain PREROUTING (policy ACCEPT 57641 packets, 3434K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 998K packets, 73M bytes)
 pkts bytes target     prot opt in     out     source               destination         
  128 10658 MASQUERADE  0    --  *      eth0    192.168.80.0/24     !192.168.80.0/24     

Chain OUTPUT (policy ACCEPT 998K packets, 73M bytes)
 pkts bytes target     prot opt in     out     source               destination         

In your case I suspect that in the "MASQUERADE" rule "eth0" should be "ppp0" (or similar), but I have no idea where to change that.
Title: Re: Client access to dsl connection problem
Post by: KingCrab on August 15, 2007, 04:40:34 pm
ppp0 seems to be changed already, but my output differ a bit from your one. Don't know where these changes come from.

Quote
iptables -L -v -n -t nat
Chain PREROUTING (policy ACCEPT 21 packets, 2272 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 122K packets, 9441K bytes)
 pkts bytes target     prot opt in     out     source               destination
    3   144 SNAT       0    --  *      ppp0    192.168.30.0/24     !192.168.30.0/24     to:192.168.10.1

Chain OUTPUT (policy ACCEPT 122K packets, 9441K bytes)
 pkts bytes target     prot opt in     out     source               destination

Title: Re: Client access to dsl connection problem
Post by: Zaerc on August 15, 2007, 05:51:20 pm
I think those rules are pretty much equivalent (just a different way of doing it), so I guess LMCE already noticed and set that up properly.

Just curious, you are using "192.168.30.0" for the internal network instead of the default "192.168.80.0" subnet?
Title: Re: Client access to dsl connection problem
Post by: KingCrab on August 15, 2007, 08:35:43 pm
Yes, but there no real cause why I choose 192.168.30.0. Maybe just to be different  ;-)
Title: Re: Client access to dsl connection problem
Post by: pixelator on August 16, 2007, 03:11:42 am
I had this same issue when I first set up pppoe for dsl access. In my case, it turned out to be a DNS issue.
The clients were not receiving the correct DNS info from the core.

also make sure the dns is correct on the core.

Adding the correct DNS info to each client resolved this for me.
The other thing to check is the default gateway on the clients and make sure they are pointing to the core.
Title: Re: Client access to dsl connection problem
Post by: KingCrab on August 20, 2007, 12:05:26 am
On my test client the resolv.conf nameserver entry links to the internal address of my core. Does it have to be the one given by dsl provider or is this correct?

@pixelator Could you give a short description of what you've done and how your settings look like respectively?
Title: Re: Client access to dsl connection problem
Post by: Zaerc on August 20, 2007, 02:48:12 am
In my setup the core's resolv.conf has ips of the domain servers handed out by my modem's DHCP (which are my provider's dns and the modem's ip).  The diskless MD has the ip of the core as it's nameserver.  I hope that helps.

Even without domain resolution, you can always try to ping/traceroute ip numbers directly.
Title: Re: Client access to dsl connection problem
Post by: KingCrab on August 20, 2007, 01:14:31 pm
Than the problem seems to be somewhere else. All of the dns entrys are correct.
But I can't even ping my providers nameserver ip from "inside"...
Title: Re: Client access to dsl connection problem
Post by: Zaerc on August 20, 2007, 07:28:16 pm
Can you ping them from the core itself?
Title: Re: Client access to dsl connection problem
Post by: KingCrab on August 20, 2007, 09:16:41 pm
Yes, a ping from core works
Title: Re: Client access to dsl connection problem
Post by: Zaerc on August 20, 2007, 10:22:50 pm
can you show me the output of "ifconfig" and "route -n" on both the core and a MD?