In this simple tutorial, I will show you how to configure the Ubuntu server as Internet gateway, which also serves as DHCP and DNS Server!
Scenario:
- Ubuntu server with 2 Network Cards 1 is connected to Internet and named as WAN,which takes the ip address through dhcp and the other one is connected to the Local Network and named as LAN,which has static ip address 10.10.10.1/24.
- Windows Client(s), which takes ip address from Ubuntu Server, also use it as name resolution server (Internet) and gateway.
Prerequisite(s):
- Change the Network Cards name using this Tutorial.
- Install the Webmin, also using this Tutorial.
First, We will check the ip address setting for the above scenario:
sudo nano /etc/network/interfaces
It will show the ip address that associated with the each interface:
Now, we also examine the output of ifconfig command:
ifconfig
We need to install two packages to accomplish the goal of this tutorial:
sudo apt-get install isc-dhcp-server bind9
Because there is more than one network card(s) in Ubuntu server, so we need to select the network card on which our server will be listen for dhcp request. (By default, it listens on eth0/WAN in this case).
We can change this by editing the /etc/default/isc-dhcp-server file:
sudo nano /etc/default/isc-dhcp-server
Put “LAN“ in the INTERFACES place:
Now we will change the default configuration by editing /etc/dhcp/dhcpd.conf, I normally delete everything inside the file and manually add the configuration that suits my needs 
sudo nano /etc/dhcp/dhcpd.conf
Here is my dhcpd.conf file, you need to change it according to your needs:
ddns-update-style none;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
option subnet-mask 255.255.255.0;
option broadcast-address 10.10.10.255;
option routers 10.10.10.1;
option domain-name-servers 10.10.10.1;
option domain-name "ubuntu.firewall";
subnet 10.10.10.0 netmask 255.255.255.0 {
range 10.10.10.50 10.10.10.200;
}
Restart dhcp service using the following command:
sudo service isc-dhcp-server restart
To enable ip forwarding, edit /etc/sysctl.conf file:
sudo nano /etc/sysctl.conf
Uncomment the net.ipv4.ip_forward=1:
Login to the Webmin using https://server-ip:10000, In my case it is,https://tendo-Firewall:10000.
Follow these steps in order to enable the MASQUERADE(NAT):
To save the Firewall(Iptables) setting, do this:
After saving the setting, check the /etc/network/interfaces file once again:
sudo nano /etc/network/interfaces
Notice that it added one line under LAN interface:
The purpose of this line is to enable the Masquerading, as soon as the interface LAN will up and running!
Test from Windows 7 that connect to LAN:
Hurry, We are able to access the Internet, this mean we configure the Ubuntu server as gateway successfully 🙂
Note: In order to secure this server we need to do some extra work, which I will show you really soon!
Hope this will help you!
Please Remember me in your prayers!
Like this:
Like Loading...
