Step Six: Testing internal MASQ client to external MASQ
server connectivity
From an internal MASQed computer, ping the IP address of the MASQ server's
EXTERNAL TCP/IP address obtained in Step FIVE above. This address could be
from your Ethernet, PPP, etc. interface which is ultimately the address
connected to your ISP. This ping test will prove that Linux masquerading
(ICMP Masquerading specifically) and IP forwarding is working.
If everthing thing is working correctly, the output should look something
like the following (hit Control-C to abort the ping):
-------------------------------------
masq-client# ping 12.13.14.15
PING 12.13.14.15 (12.13.14.15): 56 data bytes
64 bytes from 12.13.14.15: icmp_seq=0 ttl=255 time=0.8 ms
64 bytes from 12.13.14.15: icmp_seq=1 ttl=255 time=0.4 ms
64 bytes from 12.13.14.15: icmp_seq=2 ttl=255 time=0.4 ms
64 bytes from 12.13.14.15: icmp_seq=3 ttl=255 time=0.5 ms
^C
--- 12.13.14.15 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.4/0.5/0.8 ms
------------------------------------- |
If this test doesn't work, first make sure that the "Default Gateway" on the
MASQed PC is pointing to the IP address on the MASQ -SERVERs- INTERNAL NIC.
Also double check that the /etc/rc.d/rc.firewall script was run without any
errors. Just as a test, try re-running the /etc/rc.d/rc.firewall script now
to see if it runs OK. Also, though most kernels support it by default, make
sure that you enabled "ICMP Masquerading" in the kernel comfiguration and
"IP Forwarding" in your /etc/rc.d/rc.firewall script.
If you still can't get things to work, take a look at the output from the
following commands run on the Linux MASQ SERVER: