On Sunday 19 May 2002 9:19 am, nir cohen wrote:

> Hello All
> I configured a firewall with a DMZ, a LAN and an external interface.
> I do a DNAT for incoming packets to port 80 to go to an internal web server
> 192.168.0.5. In my Apache server I do a redirect to another web server
> 192.168.0.3, but I can't see the web page from outside, while I see the web
> page in the internal network (which means that Apache is doing the
> redirection; in the Apache httpd.conf I do: Redirect / http://192.168.0.3).
> Does anyone know what the problem is?

External browser makes a connection to aa.bb.cc.dd (your external address).
Firewall sees this and DNATs it to 192.168.0.5; packet goes to webserver.
Response goes back to the client: "Redirect to http://192.168.0.3". Client
browser makes another request to 192.168.0.3, and surprise surprise, can't get
across the Internet to reach it.....

You will have to do a redirect to another publicly-routable address and then
translate that on your firewall to 192.168.0.3.

Why don't you just (a) serve the required content from 192.168.0.5, or (b)
translate external requests to 192.168.0.3?

Antony.
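
Added example, not part of the original thread and not code from either poster: a Python check that scans Apache configuration text for mod_alias redirects whose target is an RFC 1918 address, which is the failure described in the reply above (the Location header reaches the outside client, who then cannot route to it). The sample configuration, the function names and the address 203.0.113.10 (a documentation address standing in for a publicly routable one) are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# RFC 1918 ranges: reachable inside the LAN/DMZ, not routable across the Internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# mod_alias directives whose target URL is sent to the client in a Location header.
REDIRECT_RE = re.compile(
    r"^\s*(Redirect(?:Match|Permanent|Temp)?)\s+(.*)$", re.IGNORECASE)

# Constructed sample input (not taken from the thread, apart from line 2).
SAMPLE_CONF = """\
# constructed httpd.conf fragment
Redirect / http://192.168.0.3
Redirect /docs http://203.0.113.10:8080/
RedirectMatch ^/old/(.*)$ http://10.1.2.3/$1
Redirect gone /retired
"""

def is_rfc1918(host):
    """True if host is a literal IPv4 address inside an RFC 1918 range."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # a hostname; resolving it is out of scope for this check
    return any(addr in net for net in RFC1918)

def audit_redirects(conf_text):
    """Return (line_no, directive, target) for redirects an outside client cannot follow."""
    findings = []
    for line_no, line in enumerate(conf_text.splitlines(), 1):
        m = REDIRECT_RE.match(line)
        if not m:
            continue
        args = m.group(2).split()
        if not args:
            continue
        target = args[-1]                  # the target URL is the last argument
        host = urlsplit(target).hostname   # None for a bare path such as /retired
        if host and is_rfc1918(host):
            findings.append((line_no, m.group(1), target))
    return findings

if __name__ == "__main__":
    for line_no, directive, target in audit_redirects(SAMPLE_CONF):
        print(f"line {line_no}: {directive} -> {target} (private address)")
```

Hostnames are not resolved, so a redirect to a name that resolves to a private address only in internal DNS is not flagged by this check.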
