[Shorewall-users] Tricky routing

Dag Nygren dag at newtech.fi
Thu Dec 18 18:01:07 PST 2003


Hi,

I have a small problem that I am sure some have seen before.

Scenario:
- DMZ with WEB-server and DNAT:ed external adresses
- Local net where users want/have to access the WEB-server with the EXTERNAL 
address

The firewall doesn't seem to like the situation as it will drop the packages 
that should go as far as the external interface, then be rerouted to the DMZ.

Any hints?

-- 
Dag Nygren                               email: dag at newtech.fi
Oy Espoon NewTech Ab                     phone: +358 9 8024910
Träsktorpet 3                              fax: +358 9 8024916
02360 ESBO                              Mobile: +358 400 426312
FINLAND


More information about the Shorewall-users mailing list