Hello, I''d like to NATed some friends boxes into our network. [ISP Router]---(Corp. LAN)---[[MY BOX with NAT]]-----(lan with friends) 1.1.1.1/24 1.1.1.4/24 eth0 172.18.1.0/24 172.18.1.254/24 eth1 My seting: I use kernel 2.4.2, iptables version 1.2 root@pokus:~# iptables -t nat -L -n Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT all -- 0.0.0.0/0 1.1.1.17 to:172.18.1.4 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 172.18.1.4 0.0.0.0/0 to:1.1.1.17 Chain OUTPUT (policy ACCEPT) target prot opt source destination I add arp proxy on eth0 with ip neigh add proxy 1.1.1.17 dev eth0 With command arp -a -n I see this arp proxy but with ip neigh show I don''t see this one. I test connection with ping, in tcpdump output I see that 172.18.1.4 is right NATed to 1.1.1.17 and icmp request go out to the Corp. LAN. I think that something is wrong with proxy arp because ping from some box on Corp. LAN don''t reach 1.1.1.17 What''s wrong on my setup ? PSIkappa psi@atlantis.sk