Hi Mark,
Are those servers inside some sort of DMZ in a different network? Does that workstation goes thru the firewall to reach the servers? If it does, then you might want to add some rules on the POSTROUTING (SNAT) chain. Is this a tri-homed firewall? On 5/20/05, Mark Quitoriano <[EMAIL PROTECTED]> wrote: > hi im having a dilemma in iptables im forwarding one ip address from > firewall to an internal server(with internal ip). The scripts worked > fine you can access the server from outside of the network but when i > try to access the server from inside i can't connect to the server. > > here's a diagram: > ________ ________ ______________ > | internet | ------------- | firewall | ---------------| web/mail server | > -------------- -------------- > ------------------------- > | > ___________ > | workstation | > ------------------- > > > here's the syntax i add for forwading the public ip to an internal > ip(192.168.0.253): > iptables -t nat -A PREROUTING -d xxx.xxx.xxx.xxx -p tcp -j DNAT --to > 192.168.0.253 > > > > when i try to browse my server from the internal workstation i always > get timeout and even if i tried to telnet port 25 same thing happened. > -- > Philippine Linux Users' Group (PLUG) Mailing List > plug@lists.q-linux.com (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > -- Philippine Linux Users' Group (PLUG) Mailing List plug@lists.q-linux.com (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
