web server in DMZ
hamals at infinito.it
hamals at infinito.it
Tue Sep 28 16:44:36 CEST 2004
On Tue, 28 Sep 2004 10:17:29 -0400
Jason Opperisano <opie at 817west.com> wrote:
>
> are you asking how to connect to the web server from the
>inside by its
> public IP address?
yes
>if so, you just need another DNAT
>rule, probably:
>
> iptables -t nat -A PREROUTING -i $INSIDE_IF -p tcp -d
>$WWW_PUB_IP \
> --dport 80 -j DNAT --to-destination 192.168.1.10
>
> -j
>
> --
> Jason Opperisano <opie at 817west.com>
>
>
well I think this is a very good solution, but I can't
understand the following:
hosts in my LAN go in internet with a snat using x.x.x.50
ip address, and everythings is working; my web server is
accessible from outside, then why my inside hosts can't
access to him (with x.x.x.50 IP)? my hosts should see my
web server like any web server on the net....right?
what is wrong in this concept?
_______________________________________
Connessione ed e-mail gratuita da 10 mb
consultabile tramite web e tramite pop.
www.infinito.it vieni a scoprire tutti
i nostri servizi!
http://www.infinito.it/xmail
More information about the netfilter
mailing list