Bob Gustafson <[EMAIL PROTECTED]> writes: > Hmm, thats kind of interesting. > > 1) Do you have ip_forward turned on in the kernel on B?
B is $FIRM's flagship product, and so I'm making the tacit assumption that it knows how to route packets, based on the fact that $FIRM is still in business :-) > 2) On A, if you use eth0 as the gateway, and send a packet to 192.168.1.3 > and then in B if you dnat 192.168.1.3 to 10.1.1.1, it should get sent > out eth3 to eth1, where it is handled by whatever you have listening > on 10.1.1.1 That should send an ACK back through eth1. This is what I ended up having to do, except that in order to properly test B (the point of this exercise), I can't rely on its NAT capabilities. So I had to stick another linux box in between A and B on both wires, and have it masquerade. It's not an optimal solution, but seeng as how the Linux kernel appears to be hard-wired to never put on the wire packets destined for one of its own IPs, it's the best I can do. Thanks, everyone, for your help. If I discover a better solution, I'll post to the list again. -- Neale Pickett Senior Software Engineer, WatchGuard Technologies
