cant ping from behind proxy box
Zoltan Szecsei
zoltans at geograph.co.za
Sun Mar 4 16:51:32 UTC 2012
On 2012/03/04 18:44, Peter Larsen wrote:
> On Sun, 2012-03-04 at 18:28 +0200, Zoltan Szecsei wrote:
>> Hi,
>> Sorry - newbie to fedora, and google is driving me mad !
>>
>> I've just setup up a F17alpha box, and am trying to ping the internet
>> from behind my Ubuntu proxy server, which also runs bind.
>>
>> I have set GATEWAY in /etc/sysconfig/network
>> I have put nameserver 192.168.0.1 into /etc/resolv.conf
>> I have done a export http_proxy=http://192.168.0.1:3128
>>
>> I have done a /etc/init.d/network restart
>>
>> and I still cannot ping by IP nor by dnsalias name
> Ping what??
anything that starts with www.
Even if I get their IP address and ping with the IP address, it still
times out.
> You won't be able to ping outside your proxy at all unless you allow
> your hosts to bypass the proxy (which would sorta elliminate the idea of
> the proxy in the first place).
>
> What IP and network did you give your fedora box? Setting up the proxy
192.168.0.143
> cannot be done until you have basic networking up. In other words, based
> on the above, your fedora box need to have an address in 192.168.0.x -
> and it needs to then be connected to a hub/switch that allows access to
> 192.168.0.1. Once done, you test with ping to 192.168.0.1. There's a
> chance you run with a "angry" firewall on 192.168.0.1 which could be
> blocking your pings, but if you say you can ping it from other hosts,
> that's obviously not the case.
yes, and I put an ALLOW in the squid ACL for that IP address. Firefox
works from this F17a box.
Anything from the CLI fails.
>
>> but this all works from other ubuntu boxes, and of course from the
>> server machine itself.
>> I can also ping all the PCs on my internal network.
> That includes the proxy server? If so, everything is working according
> to the setup.
yes
>
>> Please can someone tell me my deliberate mistake in this regard.
> Proxy servers blocks you from direct access to the outside network. It's
> why proxy servers are mostly used - to deny direct access to the
> workstations. That means pings too.
correct, but I have a working ACL for this IP address.
>
>
>> TIA,
>> Zoltan
>>
More information about the users
mailing list