Hi, just cracking my head how to solve this: Firewall has more than one public IP Address and NET/LOC/DMZ configured. Requests on public 1.1.1.2:80 should go to dmz:192.168.0.1:80 Requests on public 1.1.1.3:80 should go to dmz:192.168.0.2:80 How can I manage that with DNAT? I tried it with the original destination, but keep getting "REFUSED" always for one connection. Thx Andy
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andy wrote:> Hi, > > just cracking my head how to solve this: > > Firewall has more than one public IP Address and NET/LOC/DMZ configured. > > Requests on public 1.1.1.2:80 should go to dmz:192.168.0.1:80 > Requests on public 1.1.1.3:80 should go to dmz:192.168.0.2:80 > > How can I manage that with DNAT? >DNAT net dmz:192.168.0.1 tcp 80 - 1.1.1.2 DNAT net dmz:192.168.0.2 tcp 80 - 1.1.1.3 - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBaq5jO/MAbZfjDLIRAp5CAJ4wt/37T6V/sAfVRAP5PRae69MX9wCgq2HF IV5qYXxAwO5Q2KFk4tTA9Js=s85b -----END PGP SIGNATURE-----