I have a relatively new GW box ( CentOS 6.5 ) that can ping www.apple.com. When I change computers inside my network to use this GW as the default GW, they cannot access the internet. So then I change it back to the old GW, and they can access the internet again. The internal computers are various Windows machines ( Vista, Windows 7, etc ), and various Linux machines ( another CentOS box, an old RedHat Linux 9 machine, etc ). So my questions are:
- How can the new GW ping www.apple.com, but internal computers that are set up to use that GW cannot ping www.apple.com? Put another way, why would this GW not allow internet access through it?
- What iptables settings can I check on the newer GW machine to see if that is blocking it? I started with the exact same iptables from the older GW machine ( which allows internet access through ), changing the IPs as needed ( from old GW IP to newer GW IP, for instance ).
Thanks. Just looking for a starting point.
EDIT:
[root@wmsgateway ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@wmsgateway ~]# iptables -L -n -v
Chain INPUT (policy ACCEPT 7175 packets, 739K bytes)
pkts bytes target prot opt in out source destination
1 60 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9091 LOG flags 0 level 4
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9093 LOG flags 0 level 4
Chain FORWARD (policy ACCEPT 161 packets, 14106 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 6424 packets, 629K bytes)
pkts bytes target prot opt in out source destination
[root@wmsgateway ~]#
Note that iptables does have some settings; you just cannot see them this way. Running "iptables -L -t nat -v" gets the different port mappings, for instance.
EDIT 2:
Also, here is the routing table ( with external IP obfuscated ):
+ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
68.AAA.BBB.CC2 0.0.0.0 255.255.255.248 U 0 0 0 eth2
192.168.254.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth2
0.0.0.0 68.AAA.BBB.CC3 0.0.0.0 UG 0 0 0 eth2
Where "AAA", "BBB", and "CC" are the same between these two external IPs.
Also, here is ifconfig ( once again with the external IP obfuscated in the exact same way as above ):
+ ifconfig
eth0 Link encap:Ethernet HWaddr 80:3F:5D:08:8F:94
inet addr:192.168.254.80 Bcast:192.168.254.255 Mask:255.255.255.0
inet6 addr: fe80::823f:5dff:fe08:8f94/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:410127 errors:0 dropped:0 overruns:0 frame:0
TX packets:385512 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:42227089 (40.2 MiB) TX bytes:37546249 (35.8 MiB)
eth2 Link encap:Ethernet HWaddr 00:24:8C:90:99:FB
inet addr:68.AAA.BBB.CC5 Bcast:255.255.255.255 Mask:255.255.255.248
inet6 addr: fe80::224:8cff:fe90:99fb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1308912 errors:0 dropped:0 overruns:0 frame:0
TX packets:1192461 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:499876320 (476.7 MiB) TX bytes:179686421 (171.3 MiB)
Interrupt:25 Base address:0xe000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:106248 errors:0 dropped:0 overruns:0 frame:0
TX packets:106248 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:105325072 (100.4 MiB) TX bytes:105325072 (100.4 MiB)
wlan0 Link encap:Ethernet HWaddr 00:21:00:E3:7E:79
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
It is interesting, but eth2 has an external IP not listed in route -n. Could that be the problem?