For some reason my Nethserver refuses to act as a Gateway for the green network. I have no firewall rules and from everything I’ve read, it should work out of the box.
It’s a very basic setup with 1 Green and 1 Red interface. But when I set my PC up to use the Nethserver as the gateway the logs report that it drops the connection:
Red interface gets the IP of your Router/Provider as gateway. The green interface only gets an IP, no gateway. Your Client gets the IP of green interface as gateway.
The Red card is a static IP I applied to it of 192.168.8.11/24 the red card is also a static IP of 10.0.88.2/24 and it connects to the Mikrotik router which has 10.0.88.1/24 as the address.
Examples I’ve tried:
Nethserver:
Using the the Gateway and DNS of both the Mikrotik and Nethserver itself. Also, using the Gateway of the Mikrotik and the Nethserver.
When I ping any address from the Nethserver Terminal it resolves and returns the correct IP to any DNS query.
On The PC:
When I use the Gateway as the Nethserver with any of the configs above, the internet is either super slow to receive web pages or times out.
I can use the Mikrotik as the Gateway on the PC and the internet is really responsive and no issues at all surfing.
So something I’ve done or neglected to do is preventing me from using the Nethserver as the GW. When I do a speed test on the Nethserver I get 70 down and 30 Up, so the connectivity is not the issue.
I’m at a loss of what to do next.
Thanks for your patience and understanding with this…
Ping results are as follow when I use the Mikrotik (10.0.88.1) as the Gateway I can ping everything without issue.
When I use Nethserver (192.168.8.11) as the gateway, I can ping everything including the Mikrotik Gateway 10.0.88.1, but it seems a bit random and pinging 10.0.88.1 will give mixed results with time out being experienced more often than not, so it’s definitely Nethserver blocking the route to the Mikrotik.
Let me try to visualize your situation:
internet
external IP Mikrotik
Mikrotik Router
Internal IP Mikrotik: 10.0.88.2 (GW for NS RED interface)
external IP NS RED interface 10.0.88.1
NethServer
Internal IP NS GREEN interface: 192.168.8.11 (GW for rest of your LAN clients)
Switch to rest of your LAN
Can you doublecheck you connected RED and GREEN interfaces correctly? (RED to Mikrotik and GREEN to LAN Switch)
You didn’t accidentally connect both RED and GREEN to the MikroTik router did you?
Can you access NS from a LAN client? (through the GREEN interface)
Can you reach the NS RED interface from a LAN client?
Can you reach the Mikrotik router from NS?
Can you reach the Mikrotik router from a LAN client?
What happens if you (temporarily) disable Shorewall? Do you have access to outside from a LAN client?
What device(es) are DHCP server? and what IP ddresses do they give out.
I think I’ve figured it out. I’ve tested at another location and it works flawlessly.
At this other location I could dedicate a port on the Mikrotik to both the RED and GREEN interfaces, whereas at the test site I had to share a port for RED and GREEN and I think that was causing some issue even though I could ping it and on the surface looked like it would work.
I do apologise for wasting your time, it was unintended because I’m so green using Nethserver.
No, they were on the different subnets, but I tried to do some fancy multi-homed shared port setup where the port that did the green subnet on the Mikrotik was also masquerading as the red subnet for the Nethserver. This was because I had no more ports available on the Mikrotik to separate the two.
Although everything seemed to work because I could ping it and the Nethserver could see it and confirmed connection, it just couldn’t be routed I suppose.
What did I learn from this? Stop trying to be a smart arse…
