You are on page 1of 41

• Skip to Content

• Solutions

+ Not Sure? Try our solution finder

Data Center

o Enterprise Linux Servers
o Virtualization & Workload Management
o Business Service Management

Identity & Security

o Compliance Management
o Identity & Access Management
o Security Management

End-User Computing

o Collaboration
o Endpoint Management

Novell OEM Solutions

o SUSE Appliance Program
o Pre-loaded Linux Desktop
o Cloud Security


o Cloud Computing
o Intelligent Workload Management
• Products
Products By Category


Data Center

o Business Experience Manager
o Business Service Level Manager
o Business Service Manager

o CMDB360
o myCMDB
o myMO Dashboards
o PlateSpin Forge
o PlateSpin Migrate
o PlateSpin Orchestrate
o PlateSpin Protect
o PlateSpin Recon
o SUSE Linux Enterprise High Availability Extension
o SUSE Linux Enterprise Mono Extension
o SUSE Linux Enterprise Point of Service
o SUSE Linux Enterprise Real Time
o SUSE Linux Enterprise Server
o SUSE Linux Enterprise Server for System z
o SUSE Linux Enterprise Server Priority Support for SAP Applications
o SUSE Linux Enterprise Server with Expanded Support
o ZENworks Linux Management

End-User Computing

o Conferencing
o GroupWise
o File Management Suite
o File Reporter
o Open Enterprise Server
o Novell Edition
o Open Workgroup Suite
o Open Workgroup Suite Small Business Edition
o Pulse
o Storage Manager
o Teaming
o ZENworks Application Virtualization
o ZENworks Asset Management
o ZENworks Configuration Management
o ZENworks Endpoint Security Management
o ZENworks Linux Management
o ZENworks Network Access Control
o ZENworks Patch Management

Identity & Security

o Access Governance Suite
o Access Manager
o Cloud Security Service
o Compliance Management Platform
o Identity Manager

o Privileged User Manager
o SecureLogin
o Sentinel
o Sentinel Log Manager
o Sentinel Rapid Deployment

Novell OEM Products

o SUSE Appliance Toolkit
o SUSE Linux Enterprise Desktop
o SUSE Linux Enterprise JeOS
o SUSE Linux Enterprise Thin Client
o SUSE Moblin
o SUSE Studio
• Services & Support

+ Novell Services Overview

Self Support

o Knowledgebase
o Novell Support Advisor
o Discussion Forums
o Documentation
o Support by Product
o Activate My Product
o Technical Subscriptions

Support Programs

o Support from Partner
o Entitlement & Access
o Open Service Request
o Novell Support Programs
o Product Support Lifecycle
o Chat with Us (Non-technical Questions)

Technical Training

o Look Up & Locate Training
o Certification and Testing
o Advanced Technical Training
o Custom On-site Training
o Free Training
o On-demand Training
o Online Training

o Technical Skills Assessments
o Training Partners


o Participate in Beta
o Report Bug
o Share a Tip, Trick, etc.
o Request Enhancement
o Report Software Vulnerability


o Patches
o Products
o Drivers
o Beta
o Cool Tools

Customer Center

o My Profile
o My Products
o My Support
o My Training
o Open Service Request

IT Consulting

o Why Consulting
o Consulting Offerings
o Delivery Excellence Reviews

Fast Tracks

o NetWare to Open Enterprise Server
o Novell Teaming
o ZENworks Migration Assurance
o PlateSpin Forge
• Partners & Communities

+ Novell Partners & Communities Overview

Partner With Novell

o Solution Provider & System Integrator

o Hardware Vendor o Software Vendor o Training Provider PartnerNet o PartnerNet Login o PartnerNet Community o Enablement Central Find a Partner o Partner Locator o SUSE Linux Enterprise ISV Catalog o Certified Partner Products o Alliance Partners User Communities o Cool Solutions o Novell Users International (NUI) o Novell Forums Developers o Developer Library o YES Certified Program o Project Hosting o Developer Community • About Novell + About Novell General Novell o Contact Us o Our Customers o Job Search o Latest Job Postings o Connection Magazine o Events o Media Gallery o Corporate Blogs o Industry Analysts Press .

o Press Releases o Media Resources o News Blog o Subscribe Investor Relations o Annual Meeting o Corporate Governance o Corporate Information o Financial Results o Investor Presentations & Events o SEC Filings o Stock Price • How to Buy + How to Buy Overview o Request a Sales Call o Find a Partner o shopNovell o Shop for Training o Volume Licensing & Buying Programs o Novell Merchandise Change United States. Morris . English Login > cool solutions home HOW-TO: Set Up a SUSE 10 Machine As a Router Novell Cool Solutions: Feature By Scott M.

Restart the network to obtain an IP address for that card. This allowed users to share an Internet connection with several other computers on an internal network. This will be referred to as the "router" machine in this document.2 as a router. These will be referred to as "client" machines in this document. This file is in PDF Format.2.Slashdot This Posted: 21 Dec 2005 Applies to: • SUSE Linux 10 Introduction Quite some time ago. there is a QUICK SUMMARY for advanced users. and a DETAILED EXPLANATION for novice users. For each step. I've written another guide to setting up a router on a SUSE 10 machine. let's look at some of the hardware you will need for this article: • 1 or more computers with 1 Ethernet card in each. Plug the Internet connection into one of the cards. • Internet connection. Necessary Hardware First off. • 1 small hub or switch. It can also save you having to go out and buy a router that does essentially the same thing as what we'll produce here. I wrote an article about how to set up a machine running SUSE Linux Professional 9. • Printed Router Setup Sheet. A Zonet 8-Port 10/100Mbps Switch was used here. Preliminary Router Setup Quick Explanation Set up the two Ethernet cards as DHCP clients. with much of the text shamelessly stolen from my previous article. • 1 computer with 2 Ethernet cards in it. . As there have been many changes since SUSE 9.Rate This Page Reader Rating from 44 ratings • Printer Friendly • tell a friend Digg This . • Some (at least 4) Ethernet cables.

open up YAST. It does not matter which one. Then select NETWORK CARD from the options on the right: Another window comes up.Detailed Steps The first thing that we'll do is get the networking set up on the router machine. On the router box. Here's what mine looks like: . plug the Internet connection into one of the Ethernet cards." We are going to set up the Ethernet cards from this window. click NETWORK DEVICES. On the left. It is called "Network Card Configuration Overview. Then.

Over at the right. now. In the SETUP METHOD box. At this point. you will see that the IP Address column says "Not configured" for both of the cards. that doesn't matter a bit. select the "Automatic Address Setup (via DHCP)" option: . Select one. and then click on EDIT. Yours may be different. The "Network Address Setup" screen appears. We will configure the cards.

we just repeat these steps for the other card. You will see that the card you just configured has DHCP in the IP Address column. and click NEXT.Then. You will be taken back to the list of Ethernet cards. When the screen comes up. select the "Automatic Address Setup (via DHCP)" option. This card should now also say DHCP in the IP Address column. Both of the Ethernet cards should now say DHCP in the IP Address column: . click NEXT in the lower-right corner. Select it and click EDIT. Now.

As root.d/network restart'. it will show you a bunch of output that we don't really care about here. Open up a terminal window. YAST does some saving of the configuration. Next.If this is the case. restart the network by typing '/etc/init. let's make sure we got an IP address from the ISP. we just need to get the IP address from our ISP. To do this.d/network restart After you hit ENTER. This step is shown below: linux:/> su Password: root:/> /etc/init. Now. and then the window closes. click NEXT. This is quite painless. run '/sbin/ifconfig'. like this: .

65.68.1 Mask:255.d/network restart' command as shown above.0.7 Mb) Interrupt:10 Base address:0xa000 lo Link encap:Local Loopback inet addr:127. The IP address follows.e.1 Kb) TX bytes:5290 (5.65.linux:/> /sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:02:B3:49:2D:5E inet addr:137.68. We can see that the second line of the eth0 section has this information.252. restart your network by issuing the '/etc/init. Because the eth0 adapter has the IP address.15. Then. We will not use any of its output here. Disregard the lo adapter.1 Kb) linux:/> You will see that this command produces some information for each of your adapters. Find the line in the output above that starts with 'inet addr:'. When you are certain that the eth0 adapter is your external adapter (i..71. So.0. continue with the next step.2 Kb) eth1 Link encap:Ethernet HWaddr 00:08:54:D4:6F:20 inet6 addr: fe80::208:54ff:fed4:6f20/64 Scope:Link UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1893 errors:0 dropped:0 overruns:0 frame:0 TX packets:2680 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:227116 ( Kb) TX bytes:2861917 (2.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:81 errors:0 dropped:0 overruns:0 frame:0 TX packets:81 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:5290 (5. I mean that it is the one that the Internet plugs into. For best results. it has the IP address). If the 'inet addr:' information (IP address) appears in the eth1 section of your output on your screen. When I say external adapter. we know that it is the external adapter. We need to determine which adapter is the external adapter. plug the Internet connection into the other card.0.6 Mb) TX bytes:997627 (974.255 Mask:255. the IP is 137. In this case.15 Bcast:137. As the root (or 'su') user. The first adapter is called eth0 and the second one is called eth1. . how do we find the external adapter? Well. it's the one with the IP address. eth0 should be the external adapter. open a terminal.0.0 inet6 addr: fe80::202:b3ff:fe49:2d5e/64 Scope:Link UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1 RX packets:58949 errors:0 dropped:0 overruns:0 frame:0 TX packets:5367 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:16434036 (15.

When it comes back up. click NETWORK SERVICES. This is very easy to do in SUSE. It's the one that's not the external card. Write the hardware address for this adapter on the "External Card" line on the Router Config sheet. It has no IP address. In my output. Find the adapter on your screen that has the IP address (the eth0 adapter should be the one with the IP address). It should be the eth1 adapter. in the middle of the line. If you were unable to get an IP address from the ISP. Write it on the "Internal Card" line on the Router Config sheet. Then select DNS AND HOSTNAME from the options on the right: . it says "HWaddr" and has some numbers and colons after it. In the sample output above. First. This is the hardware address for my eth0 adapter. Detailed Steps We need to find out what your Name Servers and Gateway are. Now we need to find your internal card. On the left. Let's take a look at your output. again. on the line above the IP address. That's easy. Write Down Name Servers and Gateway Quick Explanation Find and write your Name Servers and Gateway on the Router Config sheet. fire up YAST. My internal card's hardware address is highlighted in red. Find the hardware address for this adapter (on the line above the IP address. the hardware address for my external card is highlighted in green. we need to locate its hardware address. Find the hardware address of your internal card.Now that we know that the eth0 adapter is our external adapter. after "HWaddr"). run these commands (shown above) again to restart your network and display your IP. try restarting your cablemodem or whatever device you use to connect to the Internet.

If a small window appears. click on the MODIFY button. A window comes up that's called "Host Name and Name Server Configuration": .

uncheck the "Update Name Servers and Search List via DHCP" checkbox: .We're not going to change anything here. If the Name Servers are greyed out and hard to read. We're just looking for Name Servers.

0 U 0 0 0 lo close YAST. this is incredibly simple. Also.65.0 U 0 0 0 eth0 169.0 255. just click BACK or ABORT to close the window (do not click FINISH).68.0 255.254 0. Disregard the 3rd Name Server.0.0.0 0. as follows: linux:/> /sbin/route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 137. Now.252.0.0 U 0 0 0 eth0 127.0 255. Open up a terminal and type '/sbin/route -n' and hit ENTER. we need to find out what your ISP's Gateway is. Again.0 UG 0 0 0 eth0 linux:/> .0.Write down the Name Servers on the Router Config sheet in the NAME SERVER 1 and NAME SERVER 2 spots.0 137.0.0 0. Then.

look in the pane below. Internal Ethernet Card Setup Quick Explanation Set up your internal adapter to have a static IP of 192. Mine is 137. we have to go back into YAST.254 (highlighted green) in this example. That's your Gateway.168. You can now close the terminal window.1. On the left.71. "Device Name" is another name for "hardware address. select it and click EDIT: . Click on an adapter.Again. We need to find the internal card in this list. select NETWORK DEVICES.0. Just look at the very last line in the 'Gateway' column. we don't care about most of this output." You're looking for the adapter in the list whose Device Name shows up on your Router Config sheet as the Internal Card. Detailed Steps Now. On the right. select NETWORK CARD: The "Network Card Configuration Overview" window appears. Now. When you've determined which adapter is the internal one. It will have an IP address.65. Write your Gateway on the Router Config sheet on the line next to "Gateway".

0.1 into the IP Address box: . select the "Static Address Setup" radio button.168. Type 192. In this window.The "Network Address Setup" screen appears.

click NEXT to go back to the main screen." Detailed Steps Head back into YAST. tick "Enable IP Forwarding. Routing Setup Quick Explanation In YAST. Also. click NETWORK SERVICES. also.Then. Click NEXT there. On the left. The gateway will be the one from your ISP. YAST then saves the network configuration and the window closes. set up routing. Then select ROUTING from the options on the right: .

A window comes up called "Routing Configuration". In the DEFAULT GATEWAY box in this window. It should look something like this: . This is where we need the Router Config sheet. tick the "Enable IP Forwarding" box. put in the GATEWAY from the Router Config sheet. Then.

and enable masquerading. select SECURITY AND USERS on the left side.When you have done this. enable desired services. Detailed Steps In YAST. Firewall Setup Quick Explanation Set up the firewall. Select FIREWALL from the options that appear at the right: . Assign cards to proper zones. click FINISH. You are taken back to the YAST window.

A window appears called "Firewall Configuration: Start-Up". in the SERVICE START section. In this window. select the "When Booting" option: .

select the card whose INTERFACE OR STRING matches what you have listed as your External Card on your sheet. This lists your Ethernet cards. You need to tell it which is the internal card and which is the external card. Click CHANGE: .When this is done. First. select the INTERFACES option from the pane on the left. This is a snap using your Router Config sheet. The INTERFACES screen appears.

small window appears. Then click OK: You will see that your card is now configured in the External Zone: .Another. select the EXTERNAL ZONE from the drop-down box. In this window.

Your second card is now configured in the Internal Zone: . select INTERNAL ZONE. then click OK. and click CHANGE. Select the other card from the list. In the small window that appears. we need to configure the other card on the Internal Zone.Next.

A new screen appears: .Now choose ALLOWED SERVICES from the pane on the left.

At the top. if you have a web server on this machine. Select EXTERNAL ZONE from this box. Next. feel free to remove this. At the bottom. A new screen appears called "Firewall Configuration: Network Masquerading. we're going to add services to allow. Your screen will now resemble this: Let's move to the next step and enable Masquerading. Also. you'll probably know how to allow services for it.This is where we tell the firewall what to allow. The SSH service may be enabled by default. Select MASQUERADING from the pane on the left. so I won't cover that here. make sure the "Protect Firewall from Internal Zone" checkbox is not ticked. If you do not use SSH. there is a drop-down box labeled "Allowed Services for Selected Zone"." All we need to do here is tick the checkbox labeled "Masquerade Networks": . If you have a reason for ticking this box. you may wish to add the HTTP service.

When you are satisfied with what this screen says. Verify that all information is correct. click NEXT. click the button labeled "Save Settings and Restart Firewall Now": When it has started. To start up the firewall.To continue. go back to START-UP in the pane on the left. You are taken to a SUMMARY screen. click ACCEPT: .

168. Start the DHCP server.1 as the Gateway. Put in an IP range for your network. Go into the DHCP Server in YAST. and 192. .0. Put in the Name Servers from the ISP.YAST saves the firewall configuration and the window closes. Select the internal adapter to run the DHCP Server on. Install and Configure DHCP Server Quick Explanation Install the 'dhcp-server' package.

When it comes up in the right pane. and SOFTWARE MANAGEMENT on the right: When the window appears. Then. tick the checkbox next to dhcp-server. In YAST. search for the package called dhcp-server. click ACCEPT: .Detailed Steps First. select SOFTWARE from the left. let's make sure you have the DHCP server installed.

In YAST. On the right. The DHCP server is now installed. select NETWORK SERVICES at the left. Next. let's configure it. YAST will then prompt you for a CD. just click CONTINUE. click DHCP SERVER: .If another window about resolving dependencies appears. writes the system configuration. Just click FINISH. and asks if you wish to install more packages. YAST then installs the package(s). which you gladly supply.

0. You just need to pick and add your internal card. It will be the one with the IP of 192. Select this card and click ADD: .The "DHCP Server Wizard (1 of 4): Card Selection" window appears. This screen lists your Ethernet cards.1.168.

A small "x" should appear in the ACTIVE column for that card. tick the checkbox labeled "Open Firewall for Selected Interfaces". Also. Your window should now look something like this: .

gov" for the TIME SERVER. Leave everything else as it is. Type the NAME SERVERS from the sheet into the PRIMARY NAME SERVER IP and SECONDARY NAME SERVER IP spots on this screen. I usually just type in "my.1 into the DEFAULT GATEWAY (ROUTER) field on this page. Whip out your trusty Router Config sheet.168.nist.0. The "DHCP Server Wizard (2 of 4): Global Settings" screen appears. Your screen should look like this: .box" for the DOMAIN NAME in this screen.Click NEXT to continue. Also. put in 192. Type "time.

168. For the First IP Address.0. It should look like this: .168. Don't change anything else.0. The "DHCP Server Wizard (3 of 4): Dynamic DHCP" screen appears.250. put 192.100. put 192.Click NEXT to continue. For the Last IP Address.

We go to the "DHCP Server Wizard (4 of 4): Start- Up" screen. Select the "When Booting" option: . click the NEXT button.To continue.

YAST saves the settings. click the FINISH button. Plug any and all client machine(s) into your hub. Your network should look like this.To finalize the DHCP setup. now: . Plug the internal card into your hub (or switch). and closes the window. Make sure the Internet connection is plugged into the external card on the router box. You can also close any remaining YAST windows. Restart the network on the router machine. it's time to plug everything in the way it is supposed to be. Assemble the Network Quick Explanation Put the network together. Detailed Steps Now. restarts the DHCP Server.

d/network restart It will have a ton of output. . When it does finish. open a terminal window and restart the network on your router machine: linux:/> su Password: root:/> /etc/init. but just let it all finish before you move on. Detailed Steps You should now be able to release and renew IP addresses on each of your client from each to make sure everything is working properly. Depending upon the operating system on each computer. you can close this window.When this is all plugged in. this is done differently. Clients Setup Quick Explanation Renew IP addresses on the client machines and then ping google.

Linux Client Machines: Open up a terminal.99: icmp_seq=2 ttl=239 It should ping three or four times and then quit. Conclusion PING google.39.239. and renew your IP address: linux:/> su Password: root:/> /etc/ to make sure you are able to access the Internet through the router box: linux:/> ping google.99: icmp_seq=4 ttl=239 time=32. You are now finished with this machine and can move on to the next one.4 ms 64 bytes from 216. Press CTRL+C to stop the pinging. Then. You are finished with this machine and can move on to the next one.239. Windows Client Machines: Use the ipconfig command to release: c:\>ipconfig /release It will print out a bunch of stuff. Then use the same command to renew the IP address: c:\>ipconfig /renew And it will renew your IP address. 64 bytes from 216. everything is working.2 ms 64 bytes from 216.9 ms If it starts to scroll responses down the page.d/network restart When this command finishes.99: icmp_seq=1 ttl=239 time=33.99: icmp_seq=3 ttl=239 time=32.99) 56(84) bytes of data. ping (216.2 ms 64 bytes from 216.39.39. ping google to test: c:\>ping google.

UPDATE (2006-01-13): You can now use this article in conjunction with the Port Forwarding on a Router Machine Running SUSE 10. My regards. it solved a problem i've been working with for a long time trying out both Mandrake and Suse. • very good. clear • Well written and straight-forward. First after having defined the DNS adresses on the clients (WinXP) it came to work. Toulouse. it didn't work neither after having followed your instructions. Like Wikis? Joi n the Cool Solutions Wi ki. The Port Forwarding article teaches how to forward incoming connections from the firewall directly to a server internal to your network. thank you • Why should I copy the default gateway into the "router settings" YAST panel? The ISP can change the gateway at will. France • Very nice! But running VPN on router kills internet connection for both router machine and clients. How to solve? • very useful • Beautifully written. I got my router set up thanks to this article! Like w hat you see? Si gn up for our weekly newsletter. However.A router will allow you to share your Internet connection to an internal network of many computers.0 article. i. Erling Christiansen. The Port Forwarding article is designed to be an extension of this current article (Router Setup).e.. for one computer only. simply . Please correct this to use valid names for the NIC. This detail should perhaps be mentioned in the article. this guide will save you some time in learning how to set one up on a machine running SUSE Linux 10. it solves a problem I had for 2 month! thank you very much • WOW! Worked. • Thank you very much. so it's a bad idea to have to update it every time. If you are like me. Reader Comments • Great. This is great if you have 10 computers and only one connection. like magic! Thank you! I've been trying to set up my linux box as a gateway without DHCP. but this is much better. • thanks .a big help • THANKS • Thanks for the help. you won't want to spend $100 on a new router. • Fixation on "eth0' as the Internet facing NIC is wrong. Interes ted? Request a sales call . Thanks. Want to co ntribute? It could earn you a nano! Learn more. Hopefully.

webwiseone.529.Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.3400 local numbers • Request Call Novell® Making IT Work As One™ • Careers • Contact Us • Feedback • Legal © 2010 Novell Expand next previous Close Previous 0/0 Next .com Advertising in Cool Solutions Talk to Us Submit Content Subscribe Cool Solutions Home (New) Classic Cool Solutions Home Authors Cool Blogs Cool Solutions Wiki Cool Tools Get Involved > Open Audio (podcasts) • 1.800. www.