On 09/28/2012 12:33 PM, Dragan Jurkovic wrote: > On Fri, Sep 28, 2012 at 3:26 PM, Tom Eastep <[email protected]> wrote: >> On 09/28/2012 12:17 PM, Dragan Jurkovic wrote: >>> On Fri, Sep 28, 2012 at 3:01 PM, Tom Eastep <[email protected]> wrote: >>>> On 09/28/2012 11:53 AM, Dragan Jurkovic wrote: >>>> >>>>> Forgot to mention - eth0 does have routeback option and I do have >>>>> split DNS for my firewall - i.e. it resolves to 192.168.201.Y >>>>> internally. >>>> >>>> If you have split DNS then why doesn;t it resolve to 192.168.2.1.X??? >>>> That way, the router would not have to do anything. >>> >>> What I am trying to achieve is to access IMAP server via smartphone >>> mail application - so in smartphone I have IMAPS server set to >>> "firewall.mycompany.com:NNNNN". I am trying to have same configuration >>> when accessing IMAPS server via smartphone connected internally via >>> WiFi (therefore getting 192.168.201 address) - I don't want to change >>> smartphone config every time it connects to internal network. >>> Internally firewall.mycompany.com resolves to 192.168.201 address. All >>> other internal mail clients are using internal address of IMAPS >>> server, of course. >>> >>>> >>>> -Tom >>>> PS -- and it's really silly to use X and Y when you are referring to >>>> private addresses. >> >> And 192.168.2.201 is an address on the Shorewall Router? > > IMAPS server 192.168.201.6, Shorewall router 192.168.201.42 > (firewall.mycompany.com resolves internally to that address) > IMAPS is litening to normal IMAPS port 993. > rules file: DNAT loc loc:192.168.201.6:993 tcp > NNNNN - 192.168.201.42 > masq file: eth0:192.168.201.6 eth0 192.168.201.42 tcp > NNNNN >
You want rules: DNAT loc loc:192.168.201.6:993 tcp NNNN - 192.168.201.42 And masq: eth0:192.168.201.6 192.168.201.0/24 192.168.201.42 tcp 993 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Got visibility? Most devs has no idea what their production app looks like. Find out how fast your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219671;13503038;y? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
