Hello list! :) Please, someone help me so solve my problem! In the same host I'm doing DMZ (iptables) and running squid. I have squid installed version 2.4. I have 3 interfaces and one alias in eth0(internet): eth0 - Internet ip1; eth0:1 - Internet ip2; eth1 - internal ip (LAN); eth2 - DMZ ip;
Ok, the DNAT is working (when a request comes from the net to ip1 or ip2 the request is redirect to my DMZ. Good!). The internal (lan) clients access Internet using proxy (the squid that is installed as I already mentioned) and they can access webpages in the Internet but when they try to access the webpage (http://ip1 or http://ip2) that is in the DMZ, the client browser can't access. But if I configure the clients to have a default gw to another router and access directly everything works fine! I can't use Transparent proxy with squid because I'm using squid's authentication_program parameter (squid.conf) and the squid documentation say that I can't use both, beside this, I can't change the default gw of the clients to my firewall (in order to do NAT/MASQUERADE) because the internal hosts need to have another default gw. Any suggestion to solve this problem? Thanks. Leandro Melo. _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx
