In this simple tutorial, I will show you how to configure the Ubuntu server as Internet gateway, which also serves as DHCP and DNS Server!
Scenario:
- Ubuntu server with 2 Network Cards 1 is connected to Internet and named as WAN,which takes the ip address through dhcp and the other one is connected to the Local Network and named as LAN,which has static ip address 10.10.10.1/24.
- Windows Client(s), which takes ip address from Ubuntu Server, also use it as name resolution server (Internet) and gateway.
Prerequisite(s):
- Change the Network Cards name using this Tutorial.
- Install the Webmin, also using this Tutorial.
First, We will check the ip address setting for the above scenario:
sudo nano /etc/network/interfaces
It will show the ip address that associated with the each interface:
Now, we also examine the output of ifconfig command:
ifconfig
We need to install two packages to accomplish the goal of this tutorial:
sudo apt-get install isc-dhcp-server bind9
Because there is more than one network card(s) in Ubuntu server, so we need to select the network card on which our server will be listen for dhcp request. (By default, it listens on eth0/WAN in this case).
We can change this by editing the /etc/default/isc-dhcp-server file:
sudo nano /etc/default/isc-dhcp-server
Put “LAN“ in the INTERFACES place:
Now we will change the default configuration by editing /etc/dhcp/dhcpd.conf, I normally delete everything inside the file and manually add the configuration that suits my needs
sudo nano /etc/dhcp/dhcpd.conf
Here is my dhcpd.conf file, you need to change it according to your needs:
ddns-update-style none;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
option subnet-mask 255.255.255.0;
option broadcast-address 10.10.10.255;
option routers 10.10.10.1;
option domain-name-servers 10.10.10.1;
option domain-name "ubuntu.firewall";
subnet 10.10.10.0 netmask 255.255.255.0 {
range 10.10.10.50 10.10.10.200;
}
Restart dhcp service using the following command:
sudo service isc-dhcp-server restart
To enable ip forwarding, edit /etc/sysctl.conf file:
sudo nano /etc/sysctl.conf
Uncomment the net.ipv4.ip_forward=1:
Login to the Webmin using https://server-ip:10000, In my case it is,https://tendo-Firewall:10000.
Follow these steps in order to enable the MASQUERADE(NAT):
To save the Firewall(Iptables) setting, do this:
After saving the setting, check the /etc/network/interfaces file once again:
sudo nano /etc/network/interfaces
Notice that it added one line under LAN interface:
The purpose of this line is to enable the Masquerading, as soon as the interface LAN will up and running!
Test from Windows 7 that connect to LAN:
Hurry, We are able to access the Internet, this mean we configure the Ubuntu server as gateway successfully 🙂
Note: In order to secure this server we need to do some extra work, which I will show you really soon!
Hope this will help you!
Please Remember me in your prayers!
Pingback: DHCP server dynamically update the DNS records on Ubuntu 12.04LTS « Lazy Geek -:)
Nice tutorial, but “Note: In order to secure this server we need to do some extra work, which I will show you really soon”
Where is it? :S
Pingback: How to set-up ubuntu pc router
Hurrah, that’s what I was looking for, what a material! present here at this blog, thanks admin of this web site.
really nice mater to route…..
This post saved us! It is a very good manual for setting up a WiFi server. Thank you very much
Pingback: Creating an Ubuntu Router - Bots!
A very comprehensive tutorial, thank you!
Have read many documentations trying to accomplish this very thing. This was/is definitely the best. Looking forward to the Securing your server tutorial 🙂
Pingback: Force users to authenticate | DL-UAT
Pingback: [server] Force users to authenticate topic | ubuntu
Pingback: Setup a Ubuntu server as a Gateway | frankfzw