Need help getting a linux client to ping WAN side


Recommended Posts

Hello all!

Apologies if this is a really stupid error I've made in here somewhere but I'm still really new to the linux networking world - only just getting back into it after a long time with windows.

I've got a setup in Virtual box with the following:

Linux server (mint). Acts as DHCP server.

  • eth0 IP: 192.168.1.1 (static)
  • eth1 IP: 192.168.15.12 (obtained by DHCP from my main LAN which in this case, would be the "WAN" I'm trying to get the client to connect to)
  • has 2 network adapters, eth0 (LAN) and eth1 (WAN).
  • Adapter 1 (eth0) settings in virtual box are set to "internal network", promiscuous mode: deny
  • Adapter 2 (eth1) settings in virtual box are set to "bridged adapter" , promiscuous mode: deny

Linux client (mint).

  • IP: 192.168.1.10, assigned by DHCP by the server above

The problem:

From the server I can successfully ping the client and also the "wan" being my main physical network, which is the 192.168.15.x network. Everything seems to work how it should

The client, however, can ping the server, but nothing on the "wan". If I try and ping 192.168.15.1, I get a destination host unreachable error. The traceroute makes it to the server and stops there.

My guess is, I've set routing or iptables up wrong but not sure where I've gone wrong.

Here are some links to pastebins of the contents of my config files on the server:

The iptables command I used was:

sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

 

If anyone can help me see what mistake I've made or something I've missed I would be very grateful! :D

Ok so after googling for a while I came across someone with the same issue and found the fix!!

 

Even though it's working now I'll post the fix here incase anyone else has the same issue: 

 

Adding the line:

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

into /etc/rc.local is necessary to make forwarding work, even if the command has been run before

 

Could anyone explain why this needs to be added even though I've run the same command as root previously?

The iptables command is not persistent, the rules are lost on reboot. You must use iptables-save and iptables-restore (or the iptables-persistent package) or use a frontend like ufw that automates that for you.

You can also do it on rc.local but usually if you have a complex set of rules you'd want to keep it more organized on it's own config file.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Welcome to our cozy corner of the internet!
    • XnView Shell Extension 4.2.0 by Razvan Serea XnView Shell Extension is a powerful Windows Explorer add-on that enhances file management by providing quick image previews, thumbnails, and context menu tools without launching XnView. It supports over 500 image formats including RAW (CR2/NEF), WebP, HEIC, TIFF, and vector formats (PSD/SVG), allowing users to resize, convert, edit, and optimize images directly from the right-click menu. The lightweight integration streamlines workflows, enabling batch processing, metadata viewing (EXIF/IPTC), and seamless format conversion—ideal for photographers, designers, and casual users who need efficient file handling. Beyond basic previews, the extension offers advanced features like image rotation, format adjustments, and plugin support. Its intuitive interface ensures fast access to editing tools while maintaining system performance. XnView Shell Extension key features: 500+ Format Support – Opens and converts RAW, WebP, HEIC, TIFF, PSD, SVG, and more Batch Processing – Convert, resize, or rename multiple images at once Lossless JPEG Editing – Rotate, flip, and adjust without quality loss Metadata Preservation – Retains EXIF, IPTC, and XMP data during conversions Advanced Compression – Customize JPEG quality, PNG optimization, and WEBP settings Color Management – Handles ICC profiles, bit-depth (8/16/32-bit), and CMYK-to-RGB conversion PDF & GIF Support – Extract images from PDFs or create animated GIFs High-Speed Previews – Fast thumbnails and image previews in Windows Explorer Right-Click Actions – Quick access to resize, rotate, and convert without opening apps Plugin Extensibility – Add support for niche formats like DDS, HDR, or DICOM Download: XnShell 64-bit | Portable 64-bit | ~10.0 MB (Freeware) Download: XnShell 32-bit | Portable 32-bit | ~3.0 MB Links: XnView Shell Extension Home Page | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Another win for EU users? Ads in WhatsApp won't be coming this year by David Uzondu You might have heard that ads are making their way to WhatsApp after years of the company promising it would never happen. If you are in the EU (lucky you), you won't be seeing ads until 2026 at the earliest. A new report from POLITICO confirms that Meta, which owns the messaging service, has informed Ireland's privacy regulator that the new advertising model will not roll out in the European Union for quite some time, even as it appears elsewhere in the coming months. This is not some charitable act, of course. The delay gives European regulators time to scrutinize the plan, which involves using ad preferences from linked Facebook and Instagram accounts to target users. This situation follows a pattern of other "wins" for EU users, like the changes in iOS 17.4 that finally enabled sideloading. This opened the door for alternative app stores and the (temporary) return of games like Fortnite to iPhones in the region. Similarly, we are seeing Microsoft finally back off from shoving Edge down the throats of EU users, all thanks to the Digital Markets Act. This legislation has put pressure on big tech companies to operate more "fairly" within the bloc, leading to changes that users everywhere else can only dream of for now. These regulations are precisely what companies like Apple hate. Remember, Apple has issued a warning to Australia, telling the country not to follow Europe's lead on these matters because it would create massive security and privacy risks. Apple argues that its control over the ecosystem keeps users safe, so any attempt to break that open is dangerous. The Irish Data Protection Commission will be meeting with WhatsApp to discuss the matter further. According to Commissioner Des Hogan, they plan to discuss the ad model with other European data protection authorities to gather any collective concerns. Commissioner Dale Sunderland noted that discussions with the company are "still early days", and it is too soon to identify what, if any, specific "red line issues" might exist with Meta's advertising plans. For now, Europeans can continue using their ad-free messenger, while the rest of the world prepares for the inevitable.
    • Welcome to Neowin!
    • Idiots never imagine their insane actions troubling everyone.  
  • Recent Achievements

    • Week One Done
      Wayne Robinson earned a badge
      Week One Done
    • One Month Later
      Karan Khanna earned a badge
      One Month Later
    • Week One Done
      Karan Khanna earned a badge
      Week One Done
    • First Post
      MikeK13 earned a badge
      First Post
    • Week One Done
      OHI Accounting earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      688
    2. 2
      ATLien_0
      265
    3. 3
      Michael Scrip
      204
    4. 4
      +FloatingFatMan
      170
    5. 5
      Steven P.
      144
  • Tell a friend

    Love Neowin? Tell a friend!