Dastlab, IP manzillarni tekshirib ko’ramiz:
Gateway (sedicomm-devgateway)
Public IP: 10.20.20.1
Private IP: 192.168.0.101/24
Private Subnet: 192.168.0.0/24
Gateway (sedicomm-prodgateway)
Public IP: 10.20.20.3
Private IP: 10.0.2.15/24
Private Subnet: 10.0.2.0/24
Keyingi qadamda, /etc/sysctl.conf buyrug’i yordamida tizim yadrosida paketlarni uzatishni yoqishni amalga oshiramiz:
sudo nano /etc/sysctl.conf
Endi, quyidagilarni ajratib olamiz:
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
14.35-rasm. IP4 va IP6 sozlamalarini sozlash.
Keyin quyidagi buyruqni bajarib, yangi sozlamalarni yuklab olamiz:
sudo sysctl –p
14.36-rasm. Yangi sozlamalarni yuklab olish.
Agar sizda UFW xavfsizlik (firewall) xizmati yoqilgan bo'lsa, konfiguratsiya fayliga / /etc/ufw/before.rules ni kiritamiz.
Gateway (sedicomm-devgateway)
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.0.2.0/24 -d 192.168.0.0/24 -j MASQUERADE
COMMIT
Gateway (sedicomm-prodgateway)
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/24 -d 10.0.2.0/24 -j MASQUERADE
COMMIT
Firewall xizmati parametrlari qo’shilgandan so’ng, unga quyidagi o’zgartirishlarni kiritishimiz mumkin:
Do'stlaringiz bilan baham: |