this post was submitted on 08 Mar 2024
3 points (80.0% liked)
networking
2811 readers
1 users here now
Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Do you need other WiFi devices (like a phone or a laptop) to be able to access your servers? If not, you could just set up your desktop as a router, that would be the most painless way to go around this situation.
The basic steps are to enable IP forwarding on your desktop, configure a static IP address on the Ethernet interface (for example 192.168.1.1/24 - just make sure it is in a different network than what you get from the WiFi. For example if you get 192.168.0.x, the previous example address would be fine), then optionally set up a DHCP server on the Ethernet interface (otherwise you will have to manually give everything a static IP address), and then finally add a masquerade rule into the firewall (something like
iptables -A FORWARD -o wlp0s1 -i enp0s1 -m conntrack --ctstate NEW -j ACCEPT; iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT; iptables -t nat -A POSTROUTING -o wlp0s1 -j MASQUERADE
- the first two rules allow new connections from Ethernet to WiFi and replies in either way, and the final rule sets up the masquerade - it makes it look like all the traffic is coming from your desktop and hides the new network from your WiFi router; it wouldn't understand how to communicate with this new network otherwise)It might sound pretty overwhelming, but it should be manageable if you go step by step.
Thanks very much for a detailed response! Will try to dissect this and do this when I get home.
Have great rest of your day ๐