[Server-devel] Bridging XS to another network

David Leeming david at leeming-consulting.com
Sun Oct 31 17:55:05 EDT 2010

Still no luck here. What it boils down to, is that when placing the XS (eth1
- LAN) behind a router with NAT, in order to allow the XS web service to be
visible on the external WAN side of the router, what are the required LAN IP
settings including netmask and firewall settings, including port forwarding
or DMZ Host or other. Anna, you seem to have been able to do that but I
can't replicate without more info on your router/firewall settings.


I have tried everything I can think of and the XS is not visible from the
external network.  Only need to be able to see Moodle, etc, (not interested
in registering XOs on the external network) 


David Leeming

Solomon Islands Rural Link 
P.O.Box 652 Honiara, Solomon Islands

+677 7476396 (m) +677 24419 (h)



From: server-devel-bounces at lists.laptop.org
[mailto:server-devel-bounces at lists.laptop.org] On Behalf Of David Leeming
Sent: Sunday, 31 October 2010 11:38 a.m.
To: 'Anna'
Cc: 'XS Devel'
Subject: Re: [Server-devel] Bridging XS to another network




What you describe below is what I am trying to do (see the net diagram in my
other email). I only want apache/Moodle/wiki to be available to the external
network (your "regular LAN"). You'll see that I have a simple WRT54G router
bridging but no matter what I try, I can't see the apache service through
the router. Can you say what Wan and LAN settings you used for your router? 

I used

WAN - fixed /

LAN - fixed /

Port 80 forwarded from WAN to (or DMZ host with

In this set up: 

If I try to ping from the XS to it is OK, if I try to it says network unreachable.

But if I use a PC hooked up on the eth1 network, with fixed IP / (for example) I can ping the WAN address and beyond. This is
what leads me to think it needs one extra step with route, or it may be
something to do with the WRT LAN setting and XS having different netmasks.
You can see I am reaching at straws a little L  





By way of example, here's a setup I've done in the past:

Regular LAN:
XS (eth0)
My Desktop
"XO A"

XS (eth1)
"XO B"

On the XS LAN, "XO B" can go to http://schoolserver or and see
the default Moodle homepage.  It can also register to the XS and all that
good stuff, cause it's getting its IP address from the XS's DHCP server.

On theRegular LAN, my desktop and "XO A" can't see the Moodle homepage at until I open port 80 in the firewall on the XS using lokkit (or
edit iptables or whatever).  Since "XO A" is not getting its IP address from
the XS, it won't be able to register.  If "XO A" wants to use the XS's
Jabber server, that port needs to be opened in the XS firewall.  "XO A" can
now manually set the Jabber server to and collaborate.  If you
want to use Moodle, not being able to register to the XS is a huge issue.
Apache access works fine, though.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.laptop.org/pipermail/server-devel/attachments/20101101/420f229e/attachment.htm 

More information about the Server-devel mailing list