
Linux (CentOS) Gateway Server Configuration: Step by Step Procedure
Step 1. Add 2 Network cards to the Linux box
Step 2. Verify that the network cards were installed properly
Step 3. Configure eth0 for Internet with a Public IP (External network or Internet)
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:0c:29:d2:c2:75
IPADDR=192.168.1.10
BROADCAST=192.168.1.255
NETMASK=255.255.255.0
NETWORK=192.168.1.0
GATEWAY=192.168.1.1
DNS1=8.8.8.8
DNS2=8.8.4.4
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
Step 4. Configure eth1 for LAN with a Private IP (Internal private network)
# vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=static
HWADDR=00:0c:29:d2:c2:7f
IPADDR=192.168.10.1
BROADCAST=192.168.10.255
NETMASK=255.255.255.0
NETWORK=192.168.10.0
GATEWAY=192.168.1.10 # Enter IP of eth0
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
If you get an error bringing up interface eth1, type:
# service NetworkManager stop
# chkconfig NetworkManager off
# service network start
# chkconfig network on

Step 5. Host Configuration (Optional)
# vi /etc/hosts
127.0.0.1 nat localhost.localdomain localhost
Step 6. Gateway Configuration
# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=nat
GATEWAY=192.168.1.1 # Internet Gateway, provided by the ISP
Step 7. DNS Configuration
# vi /etc/resolv.conf
nameserver 8.8.8.8 # Primary DNS Server provided by the ISP
nameserver 8.8.4.4 # Secondary DNS Server provided by the ISP
Step 8. Configure DHCP server to give out the IPs to the computers on the inside of the LAN
We do that by installing the DHCP server like this:
# yum install dhcp

Configure a DHCP Server:
# vi /etc/dhcp/dhcpd.conf
option domain-name "vjetnamnet.com";
option domain-name-servers 8.8.8.8, 8.8.4.4;
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
authoritative;
subnet 192.168.10.0 netmask 255.255.255.0 {
    range dynamic-bootp 192.168.10.10 192.168.10.20;
    option broadcast-address 192.168.10.255;
    option routers 192.168.10.1;
}
Step 9. NAT configuration with IP Tables
First, flush the existing firewall rules by typing in a terminal:
# iptables -F
# iptables -t nat -F
# iptables -t mangle -F
Now delete any user-defined chains:
# iptables -X
# iptables -t nat -X
# iptables -t mangle -X
Set up IP FORWARDing and Masquerading
# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# iptables -A FORWARD -i eth1 -j ACCEPT
Enable packet forwarding in the kernel (save this setting in the /etc/sysctl.conf file)
# echo 1 > /proc/sys/net/ipv4/ip_forward
and edit /etc/sysctl.conf to make the change permanent
# vi /etc/sysctl.conf
net.ipv4.ip_forward=1
Apply the configuration
# service iptables save
# service iptables restart
Check if iptables is set to start during boot up

# chkconfig --list iptables
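Step 9 adds a single FORWARD rule and, assuming the chain's default ACCEPT policy (which iptables -F does not change), the gateway forwards any packet that reaches it, not only LAN traffic leaving through eth0. The script below is an added example, not part of the original procedure: it prints a default-drop ruleset for the same NAT setup and audits iptables-save output; the function names are hypothetical, and the interface names and subnet are the page's.

```shell
# Added example, not from the original page. eth0/eth1 and 192.168.10.0/24 are
# the page's values; the function names are hypothetical.

# Print an iptables-restore ruleset: NAT as in Step 9, but FORWARD defaults to DROP.
gateway_rules() {
    wan=$1; lan=$2; lan_net=$3
    [ -n "$wan" ] && [ -n "$lan" ] && [ -n "$lan_net" ] && [ "$wan" != "$lan" ] || return 2
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $lan_net -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s $lan_net -i $lan -o $wan -j ACCEPT
COMMIT
EOF
}

# Read iptables-save output on stdin; print one finding per line, return 1 if any.
audit_forwarding() {
    awk -v wan="$1" '
        /^:FORWARD ACCEPT/ { print "FORWARD policy is ACCEPT"; bad = 1 }
        /^-A FORWARD/ && /-j ACCEPT/ && !/ -o / && !/--ctstate/ && !/--state/ {
            print "ACCEPT rule with no egress interface: " $0; bad = 1 }
        /^-A POSTROUTING/ && /-j MASQUERADE/ && $0 ~ (" -o " wan " ") { nat = 1 }
        END { if (!nat) { print "no MASQUERADE rule on " wan; bad = 1 }
              exit bad + 0 }'
}

# Constructed sample: iptables-save after the page's Step 9 commands, assuming
# the FORWARD policy was ACCEPT (iptables -F does not change policies).
page_rules() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i eth1 -j ACCEPT
COMMIT
EOF
}
```

To load the tightened rules, run gateway_rules eth0 eth1 192.168.10.0/24 | iptables-restore as root, then service iptables save as above; on a live gateway, iptables-save | audit_forwarding eth0 lists what remains open. The INPUT chain is left at ACCEPT, as in the original steps.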


Step 10. Testing
Ping the Gateway of the network from client system:
# ping 192.168.10.1
Try it on your client systems:
# ping google.com
Configuring PCs on the network (Clients)
All PCs on the private office network should set their gateway to be the local private network IP address of the Linux gateway computer.
The DNS should be set to that of the ISP on the internet.
