OS=Centos 6.2 My problem is I have two terminal servers located in LAN that have been natted and when I open a browser on either of those servers and go to whatsmyip.com it reports the firewalls ip address instead of the ip address assigned in the nat configuration. These servers respond to the outside world fine with their assigned address and they have functioned for over a year without issue but we are now trying to use software supplied by one of our clients to access their site and their server won't respond to our client side app. After a long search for problems it was determined that the software would connect after removing the nat entry for one of the servers and then connecting from that server so I'm guessing that they must be doing some sort of spoof check and refusing to allow connection to them since the server is identified as one ip to the world but is talking from another ip. I have tried a couple of different modifications to the masq file but nothing changes the outcome. I read that it was not necessary to modify the masq because the one-to-one nat would use the assigned ip but thats not happening for sure on either server. When I go to whatsmyip from the DMZ the ip is reported correctly from a different server that has it's own one-to-one nat but there is no masquerading done for DMZ like there is for LAN. Please advise.
-- This message was scanned by ESVA and is believed to be clean.
shorewall.dmp.gz
Description: shorewall.dmp.gz
------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
