Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- configure your public and private network interface(use 2 nic):
- edit /etc/network/interfaces:
- sudo nano /etc/network/interfaces
- # public network interface
- auto eth0
- iface eth0 inet dhcp
- # private network interface
- auto eth1
- iface eth1 inet static
- address 192.168.182.1
- netmask 255.255.255.0
- broadcast 192.168.182.255
- network 192.168.182.0
- install and configure DHCP service:
- install isc-dhcp-server:
- sudo apt-get install isc-dhcp-server
- specify that the private network interface is the one using the dhcp service:
- edit /etc/default/isc-dhcp-server:
- sudo nano /etc/default/isc-dhcp-server
- change the interface:
- INTERFACES="eth1"
- configure the dhcp:
- edit /etc/dhcp/dhcpd.conf:
- sudo nano /etc/dhcp/dhcpd.conf
- default-lease-time 600;
- max-lease-time 7200;
- option subnet-mask 255.255.255.0;
- option broadcast-address 192.168.182.255;
- option routers 192.168.182.254;
- option domain-name-servers 8.8.8.8, 8.8.4.4;
- option domain-name "yourdomainname.com";
- subnet 192.168.182.0 netmask 255.255.255.0 {
- range 192.168.182.100 192.168.182.199;
- }
- CONFIGURE NAT:
- enable ufw(uncomplicated firewall):
- by default deny everything:
- sudo ufw default deny
- allow SSH:
- sudo ufw allow ssh
- turn on firewall logging:
- sudo ufw logging on
- enable ufw(firewall):
- sudo ufw enable
- enable ip forwarding:
- edit /etc/sysctl.conf:
- sudo nano /etc/sysctl.conf
- uncomment:
- net.ipv4.ip_forward=1
- configure iptables to allow internet connection sharing:
- edit /etc/rc.local:
- sudo nano /etc/rc.local
- add the following below before the exit 0:
- /sbin/iptables -P FORWARD ACCEPT
- /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE
- restart ubuntu server:
- sudo reboot
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement