On Jul 18, 2006, at 11:54 AM, Marc Breslow wrote: > I want to provide internet connectivity to this 2nd machine routed > through the firewall. Currently, I can reach two machines on the > 192.168.1.0/24 network (.5 and .3) but I can’t reach the router (. > 1) or anything outside. what does the file /proc/sys/net/ipv4/ip_forward contain (on the CentOS box that's connected to the router)? if this file contains "0", your machine will not forward packets. > Firewall routing tables: > > Kernel IP routing table > > Destination Gateway Genmask Flags Metric Ref > Use Iface > > 10.0.0.0 0.0.0.0 255.255.255.254 U 0 > 0 0 eth4 > > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 > 0 0 eth1 > > 192.168.202.0 0.0.0.0 255.255.255.0 U 0 > 0 0 eth3 > > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 > 0 0 eth4 > > 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 > 0 0 eth1 > > > > 192.168.202.10 routing table: > > Kernel IP routing table > > Destination Gateway Genmask Flags Metric Ref > Use Iface > > 192.168.202.0 0.0.0.0 255.255.255.0 U 0 > 0 0 eth1 > > 10.1.16.0 0.0.0.0 255.255.240.0 U 0 > 0 0 eth0 > > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 > 0 0 eth0 > > 0.0.0.0 192.168.202.1 0.0.0.0 UG 0 > 0 0 eth1 are you sure that the machine 192.168.202.10 has an eth3 interface? i think you made a typo in your original message. can you ping 192.168.202.1 from the second machine? what is the output of `traceroute 192.168.1.1`? -steve --- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v