Archive for July 27th, 2010

Vyatta as a home router

This is a republish from my old blog … the old files are going away due to a change in hosts, so please update your links if you have any.

Thanks!

The first time around I struggled quite a bit to find a source of information for configuring Vyatta’s router solution, simply because examples are hard to find (not that there are any problems with it). So here are the configuration and examples that I had. I left the IP addresses in as examples, but they may have to be changed depending on your home network setup.

Before entering the commands below you have to be in configure mode, and afterwards commit them to memory. (The commits are shown below, but the configure command is not, since you could do it all in one or multiple configure sessions.)

Configure Outside interface for DHCP (eth0 is my outside interface)

dhclient eth0
commit

Configure inside interface with static IP address (eth1 is my inside interface)

set interfaces ethernet eth1 address 192.168.11.1/24
commit

Configure DHCP server for the internal network (note: because of line wrap this may look funny, but each “set service” is the start of a new line that continues all the way to the next “set service”. One command per line.)

set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 start 192.168.11.10
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 start 192.168.11.10 stop 192.168.11.50
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 dns-server 24.159.193.40
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 default-router 192.168.11.1
commit

This turns on the DHCP server for the 192.168.11.0/24 network; it starts handing out IP addresses at 10 and stops at 50. I also set my outside DNS server and the default router to be handed out by DHCP.

Set NAT (generic rule to enable NAT)

set service nat rule 1 outbound-interface eth0
set service nat rule 1 source address 192.168.11.0/24
set service nat rule 1 type masquerade

Forwarding SSH (creates a rule to forward SSH from any source to any destination that comes in on the outside interface eth0. This is because I have a dynamic IP address externally, so setting the destination is not useful, and I do not know the IP that I will be coming from.) This acts like “port forwarding” in home routers.

set service nat rule 2
set service nat rule 2 type destination
set service nat rule 2 inbound-interface eth0
set service nat rule 2 protocol tcp
set service nat rule 2 destination address 0.0.0.0/0
set service nat rule 2 destination port ssh
set service nat rule 2 source address 0.0.0.0/0
set service nat rule 2 inside-address address 192.168.11.48
commit
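
Rule 2 above accepts SSH from any source address, so it is worth being able to list every forward of that kind as a configuration grows. The Python below is an added example, not part of the original post and not a Vyatta tool: it parses “set service nat rule” lines in the form used on this page (the sample is this page's own commands, embedded as constructed input) and reports destination NAT rules with an unrestricted source. The function names are hypothetical.

```python
import ipaddress

# Constructed input: the NAT commands from this page, one per line.
SAMPLE_CONFIG = """\
set service nat rule 1 outbound-interface eth0
set service nat rule 1 source address 192.168.11.0/24
set service nat rule 1 type masquerade
set service nat rule 2
set service nat rule 2 type destination
set service nat rule 2 inbound-interface eth0
set service nat rule 2 protocol tcp
set service nat rule 2 destination address 0.0.0.0/0
set service nat rule 2 destination port ssh
set service nat rule 2 source address 0.0.0.0/0
set service nat rule 2 inside-address address 192.168.11.48
"""

def parse_nat_rules(text):
    """Return {rule number: {"type": ..., "source address": ..., ...}}."""
    rules = {}
    for line in text.splitlines():
        words = line.split()
        if words[:4] != ["set", "service", "nat", "rule"] or len(words) < 5:
            continue
        rule = rules.setdefault(int(words[4]), {})
        if len(words) > 6:  # last word is the value, the words before it the key
            rule[" ".join(words[5:-1])] = words[-1]
    return rules

def is_any(addr):
    """An absent source address or a /0 prefix matches every sender."""
    try:
        return addr is None or ipaddress.ip_network(addr, strict=False).prefixlen == 0
    except ValueError:  # assumption: a value that is not a plain prefix is narrower
        return False

def open_forwards(rules):
    """List (rule, port, inside host) for destination NAT open to any source."""
    return [(num, rule.get("destination port"), rule.get("inside-address address"))
            for num, rule in sorted(rules.items())
            if rule.get("type") == "destination" and is_any(rule.get("source address"))]

if __name__ == "__main__":
    for num, port, host in open_forwards(parse_nat_rules(SAMPLE_CONFIG)):
        print(f"rule {num}: port {port} -> {host} accepts any source address")
```

Replacing the 0.0.0.0/0 source on rule 2 with a specific prefix removes it from the report; the masquerade rule is never listed because it is not a destination rule.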
