Iptables NAT forwarding setup
I have 2 Virtual machines with CentOS7:
Client1 (NO DIRECT CONNECTION TO INTERNET): network card enp0s3, internal network, IP 192.168.1.10 w/ GW: 192.168.1.254
Client2 (HAS INTERNET CONNECTION) (NO GW's): network card enp0s3, internal network, IP 192.168.1.254, and network card enp0s8, NAT, IP 10.0.3.15
The goal is to be able to ping, for example, google.com from Client1, which has no direct internet connection, with the connection forwarded by Client2.
How can I do this with iptables?
Solution 1:
OK, it is simple. You must enable forwarding on the machine that is going to do the NAT. You must do two things for this:
echo 1 > /proc/sys/net/ipv4/ip_forward
and
iptables -P FORWARD ACCEPT
And then masquerade the output to the internet with:
iptables -t nat -A POSTROUTING -o enp0s8 -j MASQUERADE
We are assuming that you don't have other rules conflicting with this and that Client2 has working internet access. You can clear all rules before doing this with iptables -F and iptables -t nat -F, and then run the rules I gave above.
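
A tighter variant of the gateway setup from Solution 1, as an added example that is not part of the original answer: it prints (or, with APPLY=1 as root, runs) rules that forward only Client1's subnet out through enp0s8 and let only reply traffic back in, instead of setting the FORWARD policy to ACCEPT. The /24 mask, the function names and the APPLY switch are assumptions; the interface names and addresses come from the question.

```shell
#!/bin/sh
# Added example: restricted forwarding for the Client2 gateway.
# Interface names come from the question; gateway_rules, run_gateway_rules
# and APPLY are hypothetical names used only in this example.

LAN_IF="${LAN_IF:-enp0s3}"             # internal side (192.168.1.254)
WAN_IF="${WAN_IF:-enp0s8}"             # NAT side with internet (10.0.3.15)
LAN_NET="${LAN_NET:-192.168.1.0/24}"   # assumed /24; the question gives no mask

# Print the commands, one per line, so they can be reviewed before use.
gateway_rules() {
    lan_if=$1
    wan_if=$2
    lan_net=$3
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
iptables -A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
EOF
}

# Dry run by default; APPLY=1 (as root) executes each printed line.
run_gateway_rules() {
    gateway_rules "$LAN_IF" "$WAN_IF" "$LAN_NET" | while IFS= read -r cmd; do
        if [ "${APPLY:-0}" = "1" ]; then
            $cmd || exit 1      # stop at the first command that fails
        else
            printf '%s\n' "$cmd"
        fi
    done
}

run_gateway_rules
```

The default FORWARD policy is DROP here, so only new connections that enter on enp0s3 from the internal subnet are forwarded, and traffic arriving on enp0s8 is forwarded only when conntrack ties it to one of those connections.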