There were actually 2 problems. 1) I cannot connect from the desktop machines to the NATd machine using either the private IP nor the real IP. This I have solved. I guess the problem came from the wrong routing table in the Notes server.. (however I am not allowed to change settings there, so I just moved the masquerading job to FW2, and it's working now)
2) I cannot connect from any parts of the internal network to the Notes server with the real IP. (I can connect from internal network using the private IP, so I guess it is not the same problem as you stated?) Everybody is satisfied with the current configuration, but it is really ugly to get an "invalid argument" like that. So... are there any possible solutions for this? On Tue, Dec 28, 1999 at 08:27:51PM -0800, aphro wrote: > are you trying to access the NAT'd machine from infront of the debian box > doing the NAT ? from the looks of it you are doing NAT on only part of > the network.. the desktop PCs section (?) You will not be able to access > the NAT'd machines from infront of the debian box doing the NAT even if > its on the same network. If you need this functionality you need something > that can do reverse NAT. > > i hope i understood your problem :) > > nate