On Wednesday 21 November 2007 10:44:24 am Tom Eastep wrote: > Casey Bralla wrote: > > My setup is classic 3-interface. > > What are you trying to accomplish with the loc->dmz DNAT rules? If you are > trying to make connections to your external IP address go to the DMZ then > you need to put your external IP address in the ORIG DEST column. Possibly > you are doing that using a variable but if so, the variable is empty. > > > -Tom
Thanks for your help, Tom. Adding the ORIG DEST made it work! BTW, the loc->dmz NAT rule is to allow my local clients to access my web pages **exactly** like external clients on the internet using the same IP address, which is the dhcp address assigned by comcast. -- Casey Bralla Chief Nerd in Residence The NerdWorld Organisation ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
