How to access ext. addr. from inside ?
Ray Leach
raymondl@knowledgefactory.co.za
Fri, 25 Jan 2002 14:20:50 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri 25 Jan 02 13:15, Jan Jensen wrote:
> Hello,
>
> I have a problem, I have the following setup:
>
> Internet
>
> | 1.1.1.178 (Not the real address :-}, but it is a valid Internet
> | IP
>
> addr.)
> -------------- ------------------
>
> | iptables |192.168.1.2-----| DMZ 192.168.1.1 |
> |
> |______________| |_________________|
> |
> |192.168.2.1
>
> Internal net 192.168.2.0/24
>
> Some of the users are accessing an IMAP server located on the internal net
> from the internet, using port mapping in the firewall, this works OK.
>
> The problem is whenever they connect to the internal network and try to
> access the mail server, still using IMAP, on the external address of the
> firewall.
>
> I cannot get the traffic to go from inside -> outside -> inside.
>
> Anyone who can help ?
>
Use DNAT on the internal interface.
iptables -t nat -A PREROUTING -i $INT_IFACE -d $MAIL_INET_IP -j DNAT --to
$INT_MAIL_IP
> PS. It is not possible to move the mail-server to the DMZ
>
>
> Med venlig hilsen/Best regards
>
> Jan B. Jensen
> PostMaster
- --
- ----------------------------------------------------------------------
Raymond Leach
Cell:+27-82-416-1410 Tel:+27-11-444-5006 Fax:+27-11-444-5007
eMail:raymondl@knowledgefactory.co.za
www:http://www.knowledgefactory.co.za
Make money while you sleep! Visit http://www.quickinfo247.com/175692
"No matter where you go, there you are ..."
- ----------------------------------------------------------------------
- -----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT d- s:+ a- C++ UL++++/S++++/*++++ P+ L++ E-- W+++ !N !o !K w--- O-
M-- V-- !PS !PE Y-- PGP+++ t+@ 5- X+ R* tv+ b- DI++ D+ G e h* r++ z?
- ------END GEEK CODE BLOCK------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8UU2jF1I6guFUFA0RAkFIAJ9VOfss2DssuauuIdR7PfqjbmA3qgCbBVUZ
/zdu0itNSkN4uSaGiFC2mxE=
=K5P3
-----END PGP SIGNATURE-----