Web lists-archives.com

Re: Only using masquerading on internet facing server




> Ip range on server a: 172.17.232.0/24
> IP range on server b: 192.168.3.0/24

That's very vague.
But I'll assume that your "server b" has an address 172.17.232.NN
on one network interface and 192.168.3.1 on another.

> If I enable MASQUERADING on server b everything works as expected but as
> soon as I disabled MASQUERADING on server b the hosts behind it don't
> have internet access for example.
> What do I need to do on server a to properly MASQUERADE server b?

My guess is that on "server a" you have not setup routing so as to send
all the 192.168.3.0/24 packets to "server b".

IOW on "server a" you need to do something like

    route add -net 192.168.3.0/24 gw 172.17.232.NN
    

-- Stefan