shorewall-lite version 4.4.6
Debian Lenny - 2.6.26-2-686
I have a large network of public IPS ( 1.1.1.128/25 )
I have broken this up into several smaller subnets. I have a few servers
that I want to NAT translate from my gateway server to a public IP on
VLAN350. which is subnet 1.1.1.192 / 27.
My gateway server has the following interfaces
eth0 - 1.1.1.149 /28
eth1 - 172.16.1.0 /24
vlan350 - 1.1.1.193 /27
I have this entry in the nat configuration file:
#EXTERNAL INTERFACE INTERNAL ALL LOCAL
1.1.1.198 vlan350 172.16.1.23 no no
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
but when the host 172.16.1.23 pings the internet, the IP is masquerarded as
1.1.1.149, not 1.1.1.198
>From the gateway, I can do the following
ping www.google.com -I 1.1.1.198
and I do get replies, and tcpdump on the gateway verifies that the IP being
used is correct, so I know the routes are in place.
Any suggestions as to what I might be doing wrong?
The dump file is over 50k even after sending.
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
