Anis Bedhiafi

Reputation: 195

How to configure multiple NIC cards on ubuntu server 14.04 LTS and connect to router?

I have an HP hard Server on which I installed Ubuntu server 14.04 LTS. The server has two ethernet cards. I installed Squid proxy server and I am using iptables as a firewall on my Ubuntu server. Now I want to place my server between the router and the switch. This is because I want everyone to go through the proxy server to filter some web sites.

I am facing some difficulties in the configuration of the two NIC cards on the Ubuntu server. It has two interfaces em1 and em2 to which I want to assign static IP addresses. This is what I have configured so far:

The primary network interface

auto em1
iface em1 inet static
address 192.168.1.30
netmask 255.255.255.0
gateway 192.168.1.2
network 192.168.1.0
broadcast 192.168.1.255

The secondary network interface

auto em2
iface em2 inet static
address 192.168.1.31
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255

I read some posts that said there shouldn't be a gateway entry in the second interface so the OS knows which interface to use.

My current network architecture is the following:

FSI --> my CISCO Router (192.168.1.1) --> my Ubuntu server (containing two NIC cards and running squid proxy and iptables firewall) --> my switch --> some laptops

The problem is laptops are unable to connect to the internet. I don't understand why. I disabled the firewall and the proxy but I still cannot connect.

Should I configure some routing rules between the two NIC cards or should I use the FORWARD chain of iptables? How can I solve this?

Thank you for any help.

Upvotes: 0

Views: 14330

Answers (1)

Anis Bedhiafi

Reputation: 195

My two network interfaces need to be on different networks/subnet IP ranges. So, for example, I had em1 on 192.168.1.2 and em2 on 192.168.2.1. Then I connected em1 to the router and em2 to the switch. I gave my laptops 192.168.2.xxx IPs (other than the server's IP). Ideally, I set up a DHCP server on the Ubuntu server to hand out IPs to the clients, so I don't have to set them up manually.

Then I set up forwarding in the iptables rules using the FORWARD chain (unless I want to enforce that ALL traffic goes through the proxy, then I just set up the proxy).

The working configuration is as follows:

# The primary network interface
auto em1
iface em1 inet static
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.2
network 192.168.1.0
broadcast 192.168.1.255

# The secondary network interface
auto em2
iface em2 inet static
address 192.168.2.1
network 192.168.2.0
netmask 255.255.255.0
broadcast 192.168.2.255

and iptables as follows:

-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-A FORWARD -i em1 -o em2 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i em2 -o em1 -j ACCEPT
-A FORWARD -j LOG

When configuring laptops, keep in mind that the gateway should be the server's IP: 192.168.2.1, which is my server's IP.

Upvotes: 3
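The point of the answer above (the two NICs must sit on different subnets), as an added example that is not part of the original post: a small linter for `iface ... inet static` stanzas that reports overlapping subnets and a gateway that is off-subnet or equal to the interface's own address. The function names are hypothetical, the embedded stanzas are copied from the question and the answer with the `network`/`broadcast` lines left out, and every static stanza is assumed to carry both `address` and `netmask`.

```python
import ipaddress

# Stanzas copied from the question and the answer on this page.
QUESTION_CFG = """
auto em1
iface em1 inet static
address 192.168.1.30
netmask 255.255.255.0
gateway 192.168.1.2
auto em2
iface em2 inet static
address 192.168.1.31
netmask 255.255.255.0
"""
ANSWER_CFG = """
auto em1
iface em1 inet static
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.2
auto em2
iface em2 inet static
address 192.168.2.1
netmask 255.255.255.0
"""

def parse_static(text):
    """Return {ifname: {option: value}} for each 'iface <name> inet static' stanza."""
    ifaces, cur = {}, None
    for line in text.splitlines():
        words = line.split("#")[0].split()  # drop comments, split on whitespace
        if words[:1] == ["iface"]:
            cur = ifaces.setdefault(words[1], {}) if words[2:4] == ["inet", "static"] else None
        elif cur is not None and len(words) > 1 and words[0] in ("address", "netmask", "gateway"):
            cur[words[0]] = words[1]
    return ifaces

def lint(text):
    """Return findings that would break routing between the NICs."""
    findings, nets = [], {}
    for name, opt in parse_static(text).items():
        ifc = ipaddress.ip_interface(f"{opt['address']}/{opt['netmask']}")
        gw = ipaddress.ip_address(opt["gateway"]) if "gateway" in opt else None
        if gw is not None and (gw not in ifc.network or gw == ifc.ip):
            findings.append(f"{name}: gateway {gw} is off-subnet or the NIC's own address")
        # Two routed interfaces in overlapping subnets leave the kernel no way to pick a side.
        findings += [f"{other} ({net}) and {name} ({ifc.network}) overlap"
                     for other, net in nets.items() if net.overlaps(ifc.network)]
        nets[name] = ifc.network
    return findings
```

Calling `lint()` on the text of `/etc/network/interfaces` before restarting networking returns an empty list when none of these conditions is present.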
