Web servers behind nat
Visitor
visitor@thisbox.com
Tue, 09 Oct 2001 11:56:21 -0500
I have this situation and my web server is visible from the Internet.
The problem is that internal users can not see the web server using the
real internet ip address. How do I fix this?
Thanks,
Visitor
visitor@thisbox.com
Phil Barbier wrote:
>OK - this is perfectly possible here...
>
>What you need to do is give your existing card that has the real IP some
>more IPs, this is achieved by typing the following
>
>ifconfig <card>:1 <new IP>
>
>eg,
>
>ifconfig eth0:1 192.168.1.1
>ifconfig eth0:2 192.168.1.2
>
>etc. etc.
>
>You can Source NAT it for outbound traffic, you will also need to
>Destination NAT (DNAT) it as well.
>
>Say, your real IP is 1.1.1.1 and your other real IP (for your web server) is
>1.1.1.2 and your internal IP for your NAT box is 10.0.0.1 and your internal
>IP for your webserver is 10.0.0.2 you will need the following for web
>service to work.
>
>iptables -t nat -I PREROUTING 1 -j DNAT -s 0.0.0.0/0 --dport 80 -d 1.1.1.2
>--to 10.0.0.2
>
>with the eth card of the real IPs already holding both 1.1.1.1 and 1.1.1.2
>
>Hope this is helpful,
>
>Regards,
>
>Phil Barbier.
>
>--
>Phil Barbier
>Registered Linux User #227794
>Direct Line + 44 (0) 1782 384652
>Web Developer
>Online-Bills Ltd
>http://www.online-bills.com/
>mailto:p.barbier@online-bills.com?subject=from_email
>
>