Lion Server: Unable to connect to the Internet after running NAT Gateway Setup Assistant
Your private network may be unable to connect to the Internet after running the NAT Gateway Setup Assistant in Lion Server v10.7.2 or earlier.
Update to Lion Server v10.7.3 or later.
Learn more
If you ran the Gateway Setup Assistant in Lion Server v10.7.2 or earlier, follow these instructions:
In System Preferences, set the IP address of the secondary interface to 192.168.2.1. You will only be able to share the one network 192.168.2.0/24. System Preferences will show the IP address as 192.168.1.1.
Remove all created DHCP subnets except for the one network 192.168.2.0/24, if it exists.
If network 192.168.2 does not exist in Server Admin > DHCP > Subnets, please create a new subnet called 192.168.2 with the following values. If it does exist please edit the DHCP setting to the following values:
Subnet Name: 192.168.2
Starting IP Address: 192.168.2.2
Ending IP Address: 192.168.2.254
Subnet Mask: 255.255.255.0
DNS Server: 192.168.2.1
Search Domain: Your networks parent domain like example.com
If you do not know your Search Domain you can use example.com for testing
Allow the DHCP server to restart.
Start the DNS service if it has not already started.
Make sure that "Forwarder IP Address:" in Server Admin > DNS > Settings contains the IP addresses that are located in System Preferences > Network > Ethernet 1 (or primary Interface) > "DNS Server:".
Removed all Firewall IP Address Groups created by the Gateway Setup Assistant. For example: 192.168.1-net, 192.168.2-net, and so forth.
Add "IP Address Group" with the following values:
Group Name: 192.168.2-mynet
Addresses in group: 192.168.2.0/24
For testing, make sure you allow all traffic for the address group 192.168.2 in Server Admin > Firewall > Settings > Services.
Start and Stop the NAT service.