-1

I set up a router on my linux machine as described here. Now I can ping the server/router from my windows client. I can also ping my linux client from my windows client. But I can not ping the windows client from either the server/router or the linux client.

Here is the output of ipconfig /all

Thanks M$ for not allowing me to select text

and here is the iptables logs

EDIT 1 Interface info 

cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
#auto eth1
#iface eth1 inet dhcp
#iface eth1 inet static
    #address 192.168.0.19
    #netmask 255.255.255.0
    #gateway 192.168.0.1

#Internet NIC
auto eth1
    iface eth1 inet static
    address 192.168.0.19
    netmask 255.255.255.0
    broadcast 192.168.0.255
    network 192.168.0.0
    gateway 192.168.0.1
    dns-nameservers 8.8.8.8

#Internal NIC
auto eth0
    iface eth0 inet static
    address 192.168.66.254
    netmask 255.255.255.0
    broadcast 192.168.66.255
    network 192.168.0.0

#Local bridge network
#iface br0 inet static
    #bridge_ports eth0 eth1
    #address 192.168.0.254
    #netmask 255.255.255.0

As well as DHCP info

cat /etc/dhcp/dhcpd.conf
#
# Sample configuration file for ISC dhcpd for Debian
#
# Attention: If /etc/ltsp/dhcpd.conf exists, that will be used as
# configuration file instead of this file.
#
#

# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;

# option definitions common to all supported networks...
option domain-name "example.org";

default-lease-time 600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the 
# DHCP server to understand the network topology.

#subnet 10.152.187.0 netmask 255.255.255.0 {
#}

# This is a very basic subnet declaration.

#subnet 10.254.239.0 netmask 255.255.255.224 {
#  range 10.254.239.10 10.254.239.20;
#  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}

# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.

#subnet 10.254.239.32 netmask 255.255.255.224 {
#  range dynamic-bootp 10.254.239.40 10.254.239.60;
#  option broadcast-address 10.254.239.31;
#  option routers rtr-239-32-1.example.org;
#}

# A slightly different configuration for an internal subnet.
#subnet 10.5.5.0 netmask 255.255.255.224 {
#  range 10.5.5.26 10.5.5.30;
#  option domain-name-servers ns1.internal.example.org;
#  option domain-name "internal.example.org";
#  option routers 10.5.5.1;
#  option broadcast-address 10.5.5.31;
#  default-lease-time 600;
#  max-lease-time 7200;
#}

# Hosts which require special configuration options can be listed in
# host statements.   If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.

#host passacaglia {
#  hardware ethernet 0:0:c0:5d:bd:95;
#  filename "vmunix.passacaglia";
#  server-name "toccata.fugue.com";
#}

# Fixed IP addresses can also be specified for hosts.   These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
#  hardware ethernet 08:00:07:26:c0:a5;
#  fixed-address fantasia.fugue.com;
#}

# You can declare a class of clients and then do address allocation
# based on that.   The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.

#class "foo" {
#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
#}

#shared-network 224-29 {
#  subnet 10.17.224.0 netmask 255.255.255.0 {
#    option routers rtr-224.example.org;
#  }
#  subnet 10.0.29.0 netmask 255.255.255.0 {
#    option routers rtr-29.example.org;
#  }
#  pool {
#    allow members of "foo";
#    range 10.17.224.10 10.17.224.250;
#  }
#  pool {
#    deny members of "foo";
#    range 10.0.29.10 10.0.29.230;
#  }
#}

option subnet-mask 255.255.255.0;
option broadcast-address 192.168.66.255;
option routers 192.158.66.254;
option domain-name-servers 8.8.8.8;

#host raspi1 {
    #hardware ethernet AA:BB:CC:DD:EE:FF;
    #fixed-address 192.168.66.101;
#}

host ws-01 {
        hardware ethernet 40:16:7E:77:23:A2;
        fixed-address 192.168.66.1;
    #option domain-name-servers 8.8.8.8;
}

host ws-02 {
        hardware ethernet 40:16:7E:77:23:E3;
        fixed-address 192.168.66.2;
    #option domain-name-servers 8.8.8.8;
}

host ws-03 {
        hardware ethernet 40:16:7E:77:23:7D;
        fixed-address 192.168.66.3;
    #option domain-name-servers 8.8.8.8;
}

host ws-04 {
        hardware ethernet 40:16:7E:77:23:A2;
        fixed-address 192.168.66.4;
    #option domain-name-servers 8.8.8.8;
}

host ws-05 {
        hardware ethernet 40:16:7E:77:23:A2;
        fixed-address 192.168.66.5;
    #option domain-name-servers 8.8.8.8;
}

host ws-06 {
        hardware ethernet 40:16:7E:77:23:A2;
        fixed-address 192.168.66.6;
    #option domain-name-servers 8.8.8.8;
}

host ws-10 {
        hardware ethernet a0:d3:c1:1f:6f:1e;
        fixed-address 192.168.66.10;
    #option domain-name-servers 8.8.8.8;
}

subnet 192.168.66.0 netmask 255.255.255.0 {
    range 192.168.66.180 192.168.66.190;
}
Community
  • 1
puk
  • 285
  • 1
  • 6
  • 18
  • Why do you have both `192.158.66.254` and `192.168.66.254` in your default gateway field? The `.158` one is most likely incorrect and should be removed.. – Tero Kilkanen Jul 18 '15 at 00:01
  • @TeroKilkanen I actually noticed that too. I have no idea why that is there. I don't know how to remove it on the client, but it must be done on the server, otherwise, it will rear its ugly head upon the next reboot. Any suggestions? – puk Jul 18 '15 at 00:03
  • If the configuration is given by DHCP, then you should study DHCP server configuration. That is not in your question so I cannot comment that. – Tero Kilkanen Jul 18 '15 at 00:23
  • @TeroKilkanen Can you have a look at my original question and comment? I can, alternatively, create a third question which merges this one with the previous one, however, I don't know if the mods will allow that. – puk Jul 18 '15 at 00:51
  • I have read your question and comment, but the DHCP configuration is nowhere present, so it cannot be commented. The post referred in your question contains only IPTables and routing setup. – Tero Kilkanen Jul 18 '15 at 02:07
  • @TeroKilkanen I understand what you mean now. I will create add the pertinent information. – puk Jul 18 '15 at 02:23

2 Answers2

1

You have

option routers 192.158.66.254;

in your configuration, which causes the invalid default route in your client configuration. Comment out this line, and you should be left with the correct default router of 192.168.66.254.

Tero Kilkanen
  • 36,796
  • 3
  • 41
  • 63
1

I think there are 2 different things at play here -

  1. The incorrect setting option routers 192.158.66.254; in your DHCP configuration. This would stop external connectivity, but is not actually the cause of your problem.

  2. The inability to ping the Windows box from the Linux boxes is most likely due to the TCP stack on the Windows box (or a firewall running on it. Clients on your LAN (ie the same subnet as the Windows box) do not actually go through the router, so that rules out the issue. You might want to (temporarily) disable your AV software as some AV software blocks incoming ICMP - See the bit about "bitdefender anti-virus" here. You might want to (temporarily) disable any firewall on your Windows PC.

davidgo
  • 6,222
  • 3
  • 23
  • 41