[Shorewall-newbies] nat works kinda

Tom Eastep teastep at shorewall.net
Wed Mar 3 15:27:01 PST 2004


On Wednesday 03 March 2004 02:31 pm, Raymond Norton wrote:
> I have a school tech that I am helping resolve a Nat problem. I know this
> is not a desired setup, but he is doing a public to private Nat on his loc
> zone. We cannot access any services via the public IP.
>
>  This is what I have:
>
> Nat file =     66.x.x.x    eth0    10.20.0.14    yes no ( have tried yes
> yes, and leaving it blank)
> .
>
>
> I can ping the public IP from the net and the firewall.
>
> I can bring up the web site of the server from the private  IP side, but
> not from the net.
>
> When I tail -f /var/log/messages it does not show any rejects or info when
> trying to access port 80 on the public IP.
>
>
> After a ping to the public IP from the net "shorewall show nat" displays:
>
> pkts bytes target prot opt in out source destination
> 5 284 DNAT all -- * * 0.0.0.0/0 66.x.x.x to:10.20.0.14
>
>
> Any ideas what I am missing?

Incorrect default gateway on 10.20.0.14?

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-newbies mailing list