Hi all,

I am having a problem with my DNAT setup. I have a gateway machine running shorewall which is set up with multiple aliased IP addresses as described here:

http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html

... with each aliased address DNATing ports 80 and 22 through to a different machine on my LAN. The firewall machine itself is also listening on those ports.

The problem I am having is that although access to the websites and ssh on the various hosts works fine from outside the firewall, any attempt to connect from inside ends up connecting to the firewall rather than the requisite internal machine.

I could maybe get around this by overriding the external DNS using the DNS server on my LAN (pointing the domain names at the internal machines rather than their external DNATed addresses), but this doesn't seem to be the best way to go about it as it causes problems with laptop users' DNS caches.

Can anyone tell me how to set this up correctly so I can access websites on DNATed aliased IP addresses from both inside and outside the LAN (or point me at some documentation for such a setup)?

I'm happy to include my config files or give more information if it is needed.

Thanks in advance,

Dan T.

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
