George Vieira was once rumoured to have said: > No. External hosts are fine as mentioned in the original post as "Outside > clients". > It's the firewall _itself_ that can't access the external IP address of > these servers...
Comes the question "why?", given the firewall is on the boundary, it makes more sense to access the internal address anyway. If you read the NAT howto, point 6.3.7 states that DNAT doesn't yet work on OUTPUT, and won't without hacking. Looks like its a 'live-with' thing. C. -- --==============================================-- Crossfire | This email was brought to you [EMAIL PROTECTED] | on 100% Recycled Electrons --==============================================-- -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
