Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:network:routedclient [2018/09/16 11:19] – changing link to new firewall articles befor move operation bobafetthotmail | docs:guide-user:network:routedclient [2019/09/22 05:38] – links updated vgaetera | ||
|---|---|---|---|
| Line 151: | Line 151: | ||
| In addition to the files in the [[# | In addition to the files in the [[# | ||
| - | * [[inbox:firewall:start/ | + | * [[docs: |
| === Step 1: Change the firewall configuration === | === Step 1: Change the firewall configuration === | ||
| - | Edit the ''/ | + | Edit the ''/ |
| Disable masquerading and set the incoming traffic policy to ACCEPT: | Disable masquerading and set the incoming traffic policy to ACCEPT: | ||
| Line 216: | Line 216: | ||
| ==== After setup everything works BUT client subnet cannot access internet ==== | ==== After setup everything works BUT client subnet cannot access internet ==== | ||
| - | This is due to the reason that AP router (in this case 192.168.1.1) does not masquerade client subnet (192.168.2.0/ | + | This is due to the reason that AP router (in this case 192.168.1.1) does not masquerade client subnet (192.168.2.0/ |
| - | \\ | + | |
| If you cannot (or don't want to) modify AP router' | If you cannot (or don't want to) modify AP router' | ||
| - | Edit the ''/ | + | Edit the ''/ |
| | '' | | '' | ||
| Line 322: | Line 322: | ||
| First we should enable the possibility that packets coming on | First we should enable the possibility that packets coming on | ||
| the wan side of **WC** could reach the lan side of **WC**. This | the wan side of **WC** could reach the lan side of **WC**. This | ||
| - | is done through forwarding (see [[docs: | + | is done through forwarding (see [[docs: |
| In particular we want that if a packet coming on the wan side of **WC** has the source in the network | In particular we want that if a packet coming on the wan side of **WC** has the source in the network | ||