This issue has been addressed several times. The correct way to handle this is not to NAT NetBIOS traffic, due to the fact that there is no helper available -- at least at the time of this writing. This does not mean you cannot route via iptables; you can still use it, just do not NAT it.

I have some large installations; several hundred computers use iptables to log into the PDC. Just expand the range of the private side of your firewall -- in case you have more than 254 hosts on your LAN --, make sure your packets can find their way back to your LAN -- router issues --, forward as needed, and remember -- don't Masquerade this traffic -- "everything gonna be all right".

Regards,
Daniel
Dominican Republic

----- Original Message -----
From: "AUDEMARD Patrick" <[EMAIL PROTECTED]>
To: "Kramer" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, May 13, 2002 3:55 AM
Subject: RE: MS Windows domain logon via netfilter NAT

iptables doesn't fully support NetBIOS over IP. Check this article for more information.
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q172227

Patrick AUDEMARD

-----Original Message-----
From: Kramer [mailto:[EMAIL PROTECTED]]
Sent: Sunday, May 12, 2002 19:29
To: [EMAIL PROTECTED]
Subject: MS Windows domain logon via netfilter NAT

I have gotten a RedHat 7.3 box operating as a router/filter to a private (192.168.132.0/24) with DHCP without too much trouble. One major problem remains that I can't find any info on. The fixes for the NAT public address reverse routing and the broadcast address fixes are already applied. Windows client hosts on the NATed LAN can't find the NT4 Domain for logon. Therefore Network Neighborhood browsing doesn't work. Strangely, direct UNC connections will work if logon credentials are not required. I am sure I am not the first to run into this. Can anyone help?

Jack Kramer
University of Florida
Fort Lauderdale
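Added example, not part of any message in this thread: a NetBIOS datagram (UDP 138) carries the sender's address inside its own header (RFC 1002, section 4.4.1), and a NAT with no protocol helper rewrites only the IP header, so the two disagree after masquerading. The check below decodes that header and flags the mismatch; the client host 192.168.132.25, the public address 203.0.113.10 and the sample datagram are constructed for illustration.

```python
import ipaddress
import struct

# RFC 1002 4.4.1, direct datagram header on UDP 138:
# MSG_TYPE(1) FLAGS(1) DGM_ID(2) SOURCE_IP(4) SOURCE_PORT(2) DGM_LENGTH(2) PACKET_OFFSET(2)
NBDGM_HEADER = struct.Struct("!BBH4sHHH")
DIRECT_TYPES = {0x10: "DIRECT_UNIQUE", 0x11: "DIRECT_GROUP", 0x12: "BROADCAST"}


def parse_nbdgm_header(payload: bytes) -> dict:
    """Decode the fixed 14-byte header of a direct NetBIOS datagram."""
    if len(payload) < NBDGM_HEADER.size:
        raise ValueError("truncated NetBIOS datagram header")
    msg_type, _flags, dgm_id, src_ip, src_port, _len, _off = \
        NBDGM_HEADER.unpack_from(payload)
    if msg_type not in DIRECT_TYPES:
        raise ValueError(f"unsupported MSG_TYPE 0x{msg_type:02x}")
    return {
        "type": DIRECT_TYPES[msg_type],
        "dgm_id": dgm_id,
        "source_ip": ipaddress.IPv4Address(src_ip),
        "source_port": src_port,
    }


def nat_mismatch(wire_src: str, payload: bytes):
    """Return a finding when the IP-header source differs from the embedded SOURCE_IP."""
    hdr = parse_nbdgm_header(payload)
    wire = ipaddress.IPv4Address(wire_src)
    if hdr["source_ip"] == wire:
        return None  # routed, not translated: header and payload agree
    return (f"{hdr['type']} id=0x{hdr['dgm_id']:04x}: wire source {wire} but "
            f"datagram says reply to {hdr['source_ip']}:{hdr['source_port']}")


# Constructed sample: header-only DIRECT_GROUP datagram from a LAN client.
CLIENT = "192.168.132.25"      # constructed host in the thread's 192.168.132.0/24
NAT_PUBLIC = "203.0.113.10"    # constructed public address (documentation range)
SAMPLE = NBDGM_HEADER.pack(0x11, 0x02, 0x1234,
                           ipaddress.IPv4Address(CLIENT).packed, 138, 0, 0)

if __name__ == "__main__":
    print("routed:     ", nat_mismatch(CLIENT, SAMPLE))
    print("masqueraded:", nat_mismatch(NAT_PUBLIC, SAMPLE))
```

Run against the UDP 138 payloads of a capture taken on the far side of the firewall, a finding on every datagram indicates the traffic is still being translated rather than routed.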
