mjhjmtu

I want to create a static route through a CentOS 7 Server (so that a print server can access a printer).
CentOS 7 Server has two interfaces: em1 (10.0.0.5/24 faces the print server) and em2 (10.0.0.6/24 faces the printer). I have not defined a gateway for em2.
Print Server has IP address 10.0.0.60/24. Printer has IP address 10.0.0.4/24. The printer's gateway is 10.0.0.6.
Services iptables and firewalld are disabled. The intent is to enable and use one of them as a firewall once we figure out routing.

Steps I have taken:

• Added the following line to /etc/sysctl.conf: net.ipv4.ip_forward=1


• Issued the command:
  ip route add 10.0.0.4 dev em2
  
  This allowed me to ping the printer from within the server but not from outside
  
  If this route is not set, I cannot ping the printer from the CentOS server.


• Attempted adding the command
  ip route add 10.0.0.254 dev em1
  
  To set a route from the em2 to the default gateway. This had no positive effect.


• Removed both of the previous commands using ip route del
  


• Created file /etc/sysconf/network-scripts/route-em2 with the following line:
  10.0.0.4 dev em2
  
  Restarted network using systemctl restart network
  
  Still unable to ping from outside, but able to ping the printer from the CentOS 7 printer but not from the network.


• Enabled iptables and ran the following commands to enable ping through the server:
  iptables --flush
  iptables -A FORWARD -i em1 -o em2 -p icmp -m state --state NEW,ESTABLISHED -j ACCEPT
  iptables -A FORWARD -i em2 -o em1 -p icmp -m state --state NEW,ESTABLISHED -j ACCEPT
  
  Running these iptables commands did not affect my ability to ping the printer from the print server, but I am still able to ping the printer from the CentOS server.


• Using the nm-connection-gui, I added the ip address of the printer as an additional ip address on em1. Doing this allows me to ping 10.0.0.4 (printer IP). However, this merely sets up the server as the destination for that IP, and does not allow me to connect to the printer.

Thus far I cannot ping the system from an outside server.

A couple of other things:

- em2 does not have a default gateway specified.

- In the GUI connection manager, the routes shown in the route-em2 file are shown under "Routes" - I did not add them.

- In the GUI connection manager, "Use this connection only for resources on its network" is checked. If I uncheck it, the apply button does not highlight.

- In the GUI connection manager, there are no routes specified for em1. The "Automatic" switch is "ON" for routes on both em1 and em2.

It seems like I have routing set up properly on the local server. I need to figure out how to get other servers to connect to the printer via my CentOS 7 server.

ifcfg-em1 file contents

TYPE=Ethernet

PROXY_METHOD=none

BROWSER_ONLY=no

BOOTPROTO=none

DEFROUTE=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=em1

UUID=98f63db9-9676-4b85-acce-8292ceee303b

DEVICE=em1

ONBOOT=yes

IPADDR=10.0.0.5

PREFIX=24

GATEWAY=10.0.0.254

DNS1=10.0.0.3

DNS2=10.0.0.6

DOMAIN=REDACTED-FROM-THIS-POST

IPV6_PRIVACY=no

ifcfg-em2 file contents

TYPE=Ethernet

PROXY_METHOD=none

BROWSER_ONLY=no

BOOTPROTO=none

DEFROUTE=no

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacy

NAME=em2

UUID=f43a309a-a80f-4200-a252-02cf2648574a

DEVICE=em2

ONBOOT=yes

HWADDR=50:9A:4C:6C:79:0B

IPADDR=10.0.0.6

PREFIX=24

IPV6_PRIVACY=no