This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT w/ 2 NIC?

First time trying to use DNATing, reading a lot of documentation (I thought I understood how it works). What I do not find is an answer for and it also do not work for me.

I got an ASL with only 2 NICs.

eth0/intern: 192.168.1.100
eth1/extern: a.b.254.2
default-gateway: a.b.254.1 (router)

No I want to DNAT a request

a.b.254.4 HTTP 192.168.1.150 HTTP

I try to put on Prxy ARP and also an IP-Alias a.b.254.4 for eth1, but it does not work. Can someone explain me whats wrong here? Must be a stupid rookie failure.

This thread was automatically locked due to age.

Parents

0 ollion over 23 years ago

Marius,

you have to define a filter rule allowing traffic
to your server. Make sure that you use the servers
internal address for filtering. DNAT happens
before filtering.

regards
ollion
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 ollion over 23 years ago

Marius,

you have to define a filter rule allowing traffic
to your server. Make sure that you use the servers
internal address for filtering. DNAT happens
before filtering.

regards
ollion
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Marius over 23 years ago in reply to ollion

For testing I took only a ANY ANY ANY ANY ALLOW Rule... and got the described result.

[ 11 January 2002: Message edited by: Marius ]
Cancel
Vote Up 0 Vote Down

Cancel
0 maygyver over 23 years ago in reply to Marius

1. ip alias
2. DNAT dest_ext:80 to dest_intern:80
3. apply filrer rules

4. make sure your arp cache is cleaned up on source maschine

if not working
5. SNAT source_intern:80 to source_ext:80
or enable masq from internal to external network

Astaro user since 2001 - Astaro/Sophos Partner since 2008
Cancel
Vote Up 0 Vote Down

Cancel