CentOS – NAT doesn't work on CentOS 7 (firewalld)

centos, firewalld, nat, routing

I have configured NAT to make my CentOS 7 box into a router. I have used firewalld to do this. But unfortunately it doesn't work. I have no idea what causes the issue. I tried the same configuration in VirtualBox and it is working. If I do the same config on the production server, it doesn't.

eth0
ip: my static IP
mask: 255.255.252.0
gateway: my ISP gateway

eth1
ip: 192.168.1.30
mask: 255.255.255.0

1) Enabled packet forwarding

vi /etc/sysctl.conf

added "net.ipv4.ip_forward=1"

sysctl -p

2) Configuring the NAT in firewalld

i) Integrating the interface "eth1" to the internal zone

firewall-cmd --change-interface=eth1 --zone=internal --permanent

• Masquerading was "off" by default

ii) Integrating the interface "eth0" to the external zone

firewall-cmd --change-interface=eth0 --zone=external --permanent

iii) Changed "internal zone" as the default zone

firewall-cmd --set-default-zone=internal --permanent

iv) Added DNS to pass through "internal zone"

firewall-cmd --zone=internal --add-service=dns --permanent

3) Saved the firewall configuration

firewall-cmd --reload

firewall-cmd --complete-reload

4) Also tried in iptables

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables -A FORWARD -i eth1 -j ACCEPT

echo 1 > /proc/sys/net/ipv4/ip_forward

service iptables restart

Best Answer

I don't see in your configuration where you set the masquerade option for your external interface.

firewall-cmd --zone=external --add-masquerade --permanent

This is what worked for me when I started playing with the infamous firewalld.
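
Added example, not part of the original question or answer: a shell check that takes the value of net.ipv4.ip_forward and the text printed by `firewall-cmd --zone=external --list-all`, and reports which router prerequisite is missing, including the masquerade setting the answer points to. The function names and the sample zone output are constructed for illustration.

```shell
# Added example: check what a firewalld NAT router needs on its WAN side.
# Input is passed in as text so the logic runs offline; on a live host use:
#   sysctl -n net.ipv4.ip_forward
#   firewall-cmd --zone=external --list-all

# zone_field TEXT KEY: print the value of a "  key: value" line.
zone_field() {
    printf '%s\n' "$1" | awk -F': *' -v k="$2" '
        { sub(/^[ \t]+/, "", $1) }
        $1 == k { print $2; exit }'
}

# check_nat FORWARD_VALUE EXTERNAL_ZONE_TEXT WAN_IF
# Prints one line per problem and returns the number of problems found.
check_nat() {
    fwd=$1 zone=$2 wan=$3 problems=0

    if [ "$fwd" != "1" ]; then
        echo "net.ipv4.ip_forward is $fwd, expected 1"
        problems=$((problems + 1))
    fi
    case " $(zone_field "$zone" interfaces) " in
        *" $wan "*) ;;
        *) echo "$wan is not bound to the external zone"
           problems=$((problems + 1)) ;;
    esac
    if [ "$(zone_field "$zone" masquerade)" != "yes" ]; then
        echo "masquerade is off: firewall-cmd --zone=external --add-masquerade --permanent, then --reload"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed, abbreviated sample: external zone with eth0 bound and
# masquerade off, the condition the answer suspects.
SAMPLE_BEFORE='external (active)
  interfaces: eth0
  services: ssh
  ports:
  masquerade: no
  forward-ports:'

# The same zone after the answer's command and a reload (constructed).
SAMPLE_AFTER=$(printf '%s\n' "$SAMPLE_BEFORE" | sed 's/masquerade: no/masquerade: yes/')

check_nat 1 "$SAMPLE_BEFORE" eth0 || echo "problems found: $?"
check_nat 1 "$SAMPLE_AFTER" eth0 && echo "router prerequisites OK"
```
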
