Can't get access to local servers using external IP

Pascal Hambourg pascal.mail at plouf.fr.eu.org
Sun Oct 15 14:54:24 CEST 2006


Hello,

Martijn Lievaart wrote:
> 
> There are several ways you can make this work.
> 
> 1) When packets from $local_lan arrive destined for the webserver, not 
> only DNAT them, but SNAT them as well to an ip of the firewall. The 
> disadvantage is that the webserver logs will not accurately report the 
> source address for these connections. This is probably what the linksys 
> did.

Hint: using NETMAP to do the source NAT, you can do a 1:1 mapping so 
you can retrieve the original source address.

[...]
> 6) Probably lots of other solutions I didn't think about.

If you access the server by name instead of by IP address:

7) Put the private address and the name in the /etc/hosts file of your 
workstations. Quick and dirty, does not scale.

8) Set up a "split DNS" server so the internal requests receive the 
private address and the external requests receive the public address.
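
Added example, not part of the original message: the DNAT plus NETMAP source NAT from option 1 and the hint above, with a helper that maps addresses seen in the web server's log back to the original LAN clients. All addresses (LAN, server, public IP, mapped range) are constructed, and it assumes the server routes the mapped range back through the firewall.

```shell
#!/bin/sh
# Constructed addresses for illustration (not from the original message).
LAN=192.168.1.0/24      # internal clients
SERVER=192.168.1.10     # web server's private address
PUBLIC_IP=203.0.113.5   # firewall's external address
MAPPED=10.99.1.0/24     # unused range the LAN is mapped onto (same prefix length)

# Print the firewall rules; loading them needs root, so they are only printed here.
hairpin_rules() {
    cat <<EOF
iptables -t nat -A PREROUTING -s $LAN -d $PUBLIC_IP -p tcp --dport 80 -j DNAT --to-destination $SERVER
iptables -t nat -A POSTROUTING -s $LAN -d $SERVER -p tcp --dport 80 -j NETMAP --to $MAPPED
EOF
}

# Dotted quad -> 32-bit integer (subshell keeps the IFS change local).
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# 32-bit integer -> dotted quad.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Undo the 1:1 mapping: keep the host bits, restore the LAN's network bits.
# Returns 1 and prints nothing if the address is outside the mapped range.
unmap() {
    addr=$(ip2int "$1")
    bits=${MAPPED#*/}
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    mapped_net=$(( $(ip2int "${MAPPED%/*}") & mask ))
    lan_net=$(( $(ip2int "${LAN%/*}") & mask ))
    [ $(( addr & mask )) -eq "$mapped_net" ] || return 1
    int2ip $(( lan_net | (addr & ~mask & 4294967295) ))
}

# Read log lines on stdin (source address first) and restore the original source.
rewrite_log() {
    while read -r src rest; do
        orig=$(unmap "$src") || orig=$src   # external clients pass through unchanged
        echo "$orig $rest"
    done
}

hairpin_rules
printf '%s\n' '10.99.1.42 - - "GET / HTTP/1.1" 200' | rewrite_log   # constructed log line
```
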


