From owner-freebsd-questions@freebsd.org Tue Feb 14 16:22:35 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F3F58CDFD70 for ; Tue, 14 Feb 2017 16:22:34 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-it0-x22c.google.com (mail-it0-x22c.google.com [IPv6:2607:f8b0:4001:c0b::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B64EC178C for ; Tue, 14 Feb 2017 16:22:34 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-it0-x22c.google.com with SMTP id c7so38529302itd.1 for ; Tue, 14 Feb 2017 08:22:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-transfer-encoding; bh=JPRjWbSLjUjtBBRU+fj4srPZdcchzLUdzmtxe9hoOoY=; b=aZq0eJg5cf6+vBNUIEr7cLMMjxMMdDtcC7h3Lq4wnmvxDnV+lAX2g2HtC+iwQDveg+ 2d6LvSP+thBEyPcImcs/6koR+cvky8wLxoDUKi9fntHagJ1RiAnZW2h0Sgn2DuXNADLa 3E1LXs/MwDJJ+NRM+n+1rjrAaWI6hiO1bRffIcgrM2cQdPPRJC70IPdtawT8I336+KyJ YA06Ss7n+lvYoSgpuh5VZXW1ffXSj5fWdFIDBM1ecY2bVU23EIpZWvVMA//gQreYRiMN gPh0LFHe4/QiMwYa7m/uZKUN18rBDatFZCC/iXUSyG0viqkg9qC7FY1yKCs/kp3rk088 Z5Kw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-transfer-encoding; bh=JPRjWbSLjUjtBBRU+fj4srPZdcchzLUdzmtxe9hoOoY=; b=WNltchjI8k9plWnH+e1itiUqOPipanE69PKQWBmqjiWxZSvdlCXRH6MteegcviPOg7 ONMrlukBiHcxK5uKEEE07gcLMu6oWx1rC+t5lxgeaUQIchgLdcIjQM4fIdKNkOINEAgX pcBqTgh7L7LYEMspzqcV5iQIUgR1NhVqh+ZJ5T261DZnVqbLNXnkamX6SoSbHTom7Hq2 ZZ2bu6re2LRmNGECjLevsDg3BiE7wY9BKFm9tACWXd18W00CgXL9rlvlG7J38jVDpbW1 hUlcOr04xLAHKoemkvwc3J09+B8jRXrh3aXwqiu1AqtE95A7WM2idUBZd9c6aVyGrWDw K5Yw== X-Gm-Message-State: AMke39nIW9IQ+6BRZEPX+2Bwm6p9MF+5ou4PtWtOr0Wqhv0ko4fF+HRbnHqnc/FQW60dlg== X-Received: by 10.36.253.139 with SMTP id m133mr4157988ith.27.1487089353968; Tue, 14 Feb 2017 08:22:33 -0800 (PST) Received: from [10.0.10.3] (cpe-24-165-207-226.neo.res.rr.com. [24.165.207.226]) by smtp.googlemail.com with ESMTPSA id l17sm511304ioi.60.2017.02.14.08.22.33 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 14 Feb 2017 08:22:33 -0800 (PST) Message-ID: <58A32ED6.1020504@gmail.com> Date: Tue, 14 Feb 2017 11:22:46 -0500 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: Bernt Hansson CC: "freebsd-questions@freebsd.org" Subject: Re: linksys router behind gateway not working References: <58A3185B.7020606@gmail.com> In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Feb 2017 16:22:35 -0000 Bernt Hansson wrote: > On 2017-02-14 15:46, Ernie Luzar wrote: >> Hello list; >> >> I am running 11.0 on my gateway system. It has a small LAN behind it. >> This gateway host has ipfilter firewall and a dhcp server. The LAN is >> cabled from the host to a switch and from the switch to each PC on the >> LAN. I added a cable from the switch to a linksys wifi router. I can >> get wifi and cable connection to the router but no connection to the >> public internet through the LAN. The dhcp server lease file shoes a >> lease for the router. I can see this ip address in the router's >> internal configuration. >> >> Is the problem because the router NATs it's issued ip address and then >> the host gateway system NAT's it again? >> >> Thanks for any light you can shed on this > Our connection is like this, can't check right now but it is from the > top of my head. > > internet--gateway--switch---LAN > | > |-- wifi > > Hope this is readable. The switch is dell power connect 2716 wifi is > asus something. > . > This is what the layout looks like |----router internet--gateway--switch-|---lan pc |---lan pc |-- lan pc The router is a linksys model wrt160n with default internal config. The LAN has worked for many years and still works with the router connected as shown as above, but nothing connected to the router works in this layout. I can cable a pc to the router and get connected to the router and it says that I have internet connection, but trying to browse to a url gives page not found error. The same thing happens if I wifi connect to the router. The gateway is running ipfilter firewall and it's log shows nothing getting logged for the ip address assigned to the router. The setup works if I place the router in front of the gateway so I know there is nothing wrong with the router. Having it this way is a security hole to my gateway server and lan.