Re: Only using masquerading on internet facing server
- Date: Wed, 13 Mar 2019 08:39:16 -0400
- From: Stefan Monnier <monnier@xxxxxxxxxxxxxxxx>
- Subject: Re: Only using masquerading on internet facing server
> Ip range on server a: 172.17.232.0/24
> IP range on server b: 192.168.3.0/24
That's very vague.
But I'll assume that your "server b" has an address 172.17.232.NN
on one network interface and 192.168.3.1 on another.
> If I enable MASQUERADING on server b everything works as expected but as
> soon as I disabled MASQUERADING on server b the hosts behind it don't
> have internet access for example.
> What do I need to do on server a to properly MASQUERADE server b?
My guess is that on "server a" you have not setup routing so as to send
all the 192.168.3.0/24 packets to "server b".
IOW on "server a" you need to do something like
route add -net 192.168.3.0/24 gw 172.17.232.NN