Hi all,
I have an iptables-based GW/firewall and private LAN behind. Via
one-to-one NAT (with shorewall) I give the ext. NIC of the GW some
more IP aliases, so that the clients behind are reachable from the
outside.
Now to the problem: I CANNOT ping the internal machines (with the
official IP
> Now to the problem: I CANNOT ping the internal machines (with the
> official IP address) from outside, but I CAN ping them from the GW.
> Looks like a NAT problem, BUT: a tcpdump shows something else.
>
> (eth1 is the inner NIC, 172.16.1.128 is the inner machine, so correct
> NAT I think)
Hmm...
On Tuesday 04 February 2003 22:49, Matthias F. Brandstetter wrote:
> Hi all,
>
> I have an iptables-based GW/firewall and private LAN behind. Via
> one-to-one NAT (with shorewall) I give the ext. NIC of the GW some
> more IP aliases, so that the clients behind are reachable from the
> outside.
>
W
On Wednesday 05 February 2003 09:42, Paul de Vrieze wrote:
> Why don't you use briding (+transparent firewalling) in this case.
> It makes live a lot easier. Of course this means that you need to
> have an official ip address for all machines (or block them from
> the firewall)
I solved this "prob