Web servers behind nat
Tue, 09 Oct 2001 11:56:21 -0500
I have this situation and my web server is visible from the Internet.
The problem is that internal users can not see the web server using the
real internet ip address. How do I fix this?
Phil Barbier wrote:
>OK - this is perfectly possible here...
>What you need to do is give your existing card that has the real IP some
>more IPs, this is achieved by typing the following
>ifconfig <card>:1 <new IP>
>ifconfig eth0:1 192.168.1.1
>ifconfig eth0:2 192.168.1.2
>You can Source NAT it for outbound traffic, you will also need to
>Destination NAT (DNAT) it as well.
>Say, your real IP is 184.108.40.206 and your other real IP (for your web server) is
>220.127.116.11 and your internal IP for your NAT box is 10.0.0.1 and your internal
>IP for your webserver is 10.0.0.2 you will need the following for web
>service to work.
>iptables -t nat -I PREROUTING 1 -j DNAT -s 0.0.0.0/0 --dport 80 -d 18.104.22.168
>with the eth card of the real IPs already holding both 22.214.171.124 and 126.96.36.199
>Hope this is helpful,
>Registered Linux User #227794
>Direct Line + 44 (0) 1782 384652