
I have an Ubuntu 20 machine as an internet gateway with two WANs, ens160 and ens192. I switch the default route on the gateway with ip r re 0/0 dev ens160 (or ens192), and the clients on the LAN access the web without any problem. But if I want to let a specific user through the specified WAN, such as

ip ru add from 192.168.3.60 lookup 100
ip r a 0/0 dev ens192 t 100

client 192.168.3.60 has an issue accessing some web resources like images. It looks like a TCP MSS problem, but iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -o ens192 -j TCPMSS --clamp-mss-to-pmtu can't fix it.

Can anyone offer some help?

timy
  • Did you forget to add the gateway (and the route to the gateway) in the default route? You appear to abbreviate everything, fine, but harder to read for us especially if you omit details. – A.B Apr 10 '22 at 12:39
  • Also, if there's no tunnel, even if this is a PMTU problem, the iptables command won't have any effect: the interfaces have the same MTU (i.e. 1500). – A.B Apr 10 '22 at 12:59

0 Answers