Enabling NAT forwarding using a second WAN interface and a second gateway on Ubuntu
- by nixnotwin
I have 3 interfaces:
eth0 192.168.0.50/24
eth1 10.0.0.200/24
eth2 225.228.123.211
The default gateway is 192.168.0.1 which I want to keep as it is in the changes I want to make.
I want to masquerade eth1 10.0.0.200/24 and enable NAT forwarding to eth2. So I have done this:
ip route add 225.228.123.208/29 dev eth2 src 225.228.123.211 table t1
ip route add default via 225.228.123.209 dev eth2 table t1
ip rule add from 225.228.123.211 table t1
ip rule add to 225.228.123.211 table t1
Now I can receive ping replies from any internet host if I do:
ping -I eth2 8.8.8.8
To enable NAT forwarding I did this:
sudo iptables -A FORWARD -o eth2 -i eth1 -s 10.0.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
But it isn't working. To test, I used a client PC, put it on the 10.0.0.0/24 network, and set its gateway to 10.0.0.200.
I want to have 192.168.0.1 as the default gateway, and the traffic that comes in via eth1 10.0.0.200/24 should be forwarded to eth2 225.228.123.211.
I have also enabled forwarding on Ubuntu.
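An added example, not part of the original post: a small consistency check run over the commands as posted. It flags forwarded sources that no `ip rule from` sends to a policy table, and MASQUERADE rules bound to a different interface than the one the FORWARD rule sends traffic out of. The `FIXED` variant and the helper names `opt` and `lint` are assumptions made for illustration.

```python
import ipaddress
import shlex

# Constructed input: the commands exactly as posted above.
POSTED = """\
ip route add 225.228.123.208/29 dev eth2 src 225.228.123.211 table t1
ip route add default via 225.228.123.209 dev eth2 table t1
ip rule add from 225.228.123.211 table t1
ip rule add to 225.228.123.211 table t1
sudo iptables -A FORWARD -o eth2 -i eth1 -s 10.0.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
"""
# Assumed correction (not from the post): NAT on the egress interface, plus a
# policy rule that sends the LAN's source range to table t1.
FIXED = POSTED.replace("-o eth1 -j MASQUERADE", "-o eth2 -j MASQUERADE") \
    + "ip rule add from 10.0.0.0/24 table t1\n"


def opt(tokens, flag):
    """Return the token following flag, or None if flag is absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens else None


def lint(commands):
    """Return findings for forwarded traffic that is misrouted or not NATed."""
    forwards, masq_out, rule_srcs, findings = [], set(), [], []
    for line in commands.splitlines():
        t = [tok for tok in shlex.split(line) if tok != "sudo"]
        if t[:3] == ["ip", "rule", "add"] and "from" in t:
            src = opt(t, "from")
            rule_srcs.append(ipaddress.ip_network("0.0.0.0/0" if src == "all" else src))
        elif t[:1] == ["iptables"] and "MASQUERADE" in t:
            masq_out.add(opt(t, "-o") or "any")  # no -o means every interface
        elif t[:1] == ["iptables"] and opt(t, "-A") == "FORWARD" and "-s" in t:
            forwards.append((ipaddress.ip_network(opt(t, "-s")), opt(t, "-o")))
    for src, out in forwards:
        # Routing is decided before POSTROUTING, so the rule must match the LAN source.
        if not any(src.subnet_of(r) for r in rule_srcs):
            findings.append(f"routing: no 'ip rule from' covers {src}, so it uses the main table")
        # Source NAT must be applied on the interface the packet leaves through.
        if out not in masq_out and "any" not in masq_out:
            findings.append(f"nat: MASQUERADE on {sorted(masq_out)} but traffic leaves via {out}")
    return findings


if __name__ == "__main__":
    for name, cmds in (("posted", POSTED), ("fixed", FIXED)):
        print(name, lint(cmds) or "ok")
```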