2011/10/10 Stefan Midjich <[email protected]>: > Simplest of things but I'm failing miserably. > > $ sudo cat /etc/hostname.vic2 # External NIC with static public IPv4 address > inet 50.50.50.59 255.255.255.0 50.50.50.255 > > $ sudo cat /etc/hostname.vic3 # Internal NIC used as gateway by two > machines on same network > inet 10.221.181.10 255.255.255.0 10.221.181.255 > > For troubleshooting I have removed the block all rule, to confirm that > it is in fact my NAT related rules that don't work. > > These are my first and only NAT rules. The other rules work fine and > are just to allow SSH to my management interface and ICMP response > from the external IP and from the internal gateway IP. Besides I've > removed the block all so the other rules don't matter much now. > > match out on vic2 inet from 10.221.181.0/24 to any nat-to (vic2) round-robin > pass inet from 10.221.181.0/24 to any flags S/SA keep state
can be changed to pass out on vic2 inet from 10.221.181.0/24 to any nat-to vic2
