similar to: RE: Q: Routing the Same IP simultaneously on differentcomputers ?

Hi, I''ve asked this elsewhere and received hints but no one seems to have a concrete explanation :- What I am looking to do is to be able to configure a Linux based router to be able to share THE SAME SINGLE Public IP address between the linux router and a single computer on the lan acting as the DMZ host (NOT normal NAT IP sharing !). So basically you have a linux router with two

OK one factor that I had not mentioned previously is this is my first time running Debian (yes I managed to do that since 1997...). Yesterday I found /etc/network/interfaces and understood what it does! My system is like the "About My Network" example except that I have 2 class Cs in the DMZ. >From what I understand I use the same IP on the NET and DMZ interfaces. I don''t

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall (i.e - its ip address - 1.2.3.4/29) to the internet ip

Hi I have a trouble with my shorewall. I have 5 Ips adresses on my internet interface. I can ping any of these adresses, but the traffic take always the base adresse on my interface. All the traffic is on the same adress, but I what to know the traffric for each of these adresses. I search a lot to find the setting for do that, I don''t know what is wrog in my config, somebody can

HI, here I have an eMail with connected to a DMZ 10.0.0.0/24 network. This server holds 10.0.0.87 There are two firewall-hosts one with CentOS 6 10.0.0.10 and one with CentOS 7 10.0.0.17 The CentOS 6 has the following iptables-rule (extract): ----------------------8<----------------------8<----------------------8< *nat -A POSTROUTING -o eth1 -j MASQUERADE -A PREROUTING -i eth1 -d

https://bugzilla.netfilter.org/show_bug.cgi?id=821 Summary: Rosa Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy: andoandre at gmail.com

Dear list, I''m running Shorewall on a dedicated Fedora 7 box. Shorewall is working well as an office DSL router (dynamic IP) with loc and dmz zones. I am now trying to configure IPSec to connect a VPS, "casp", with a static IP to both the firewall and to the loc network behind it. The host to host SA works fine. However, pings from "loc" to "casp" can be

Hi everyone! First of all, sorry about my bad English and the e-mails extension. I need some help to implement a VPN connection using shorewall and openswan as IPSec Tunnel. My network map: CLIENT VPN APPLIANCE --> +++INTERNET+++ --> FIREWALL --> OPENSWAN SERVER (DMZ) I have two VPN connections with two different subnets to the other end. The two of then are correctly established.

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall ( i.e - its ip address - 1.2.3.4/29) to the internet ip

Hi all, I want to run vsftp behind a firewall.(i.e DMZ zone) . It is runnig as passive ftp. the theroy behind passive ftp is , - FTP server's port 21 from anywhere ( Client initiates connection) - FTP server's port 21 to ports > 1024 (Server responds to client's control port) - FTP server's ports > 1024 from anywhere (Client initiates data connection to

hi all, i have this situation: isp1 | dmz ----- FW linux ----- isp2 |----------------------------------- vpn concentrator ----- various ipsec lan-2-lan | LAN In lan i have "pc zone" and "server zone", same network. Dmz and server zone browse internet through isp1, lan use isp2, and remote

I have a dsl modem and two static IP addresses: 66.17.65.22 and 66.17.65.161. I am using the standard configuration from the Shorewall Setup Guide for multiple IP addresses and modifications suggested by the Aliased Interfaces Guide. I want to set up a shorewall 2.08 router for my home (Fedora Core 2 / kernel 2.6.8-1.521). I want share an internet connection with some pc''son a local

I''m being cast headlong into unfamiliar waters here, and being desperate for some air, thought I''d come here for some help. :) Anyway, my employer is going through some whiplash-inducing growth spurts, and as a result, the simple "Internet T-1 -> Linux Firewall/NAT -> LAN" setup just isn''t going to cut it anymore. First, we''re bringing in 2

Thankx I solved the problem by removing firewall and now trying to include firewall settings step by step Vaneet -----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Ryan Sent: Monday, May 23, 2005 10:35 AM To: CentOS mailing list Subject: Re: [CentOS] RE: Wireless Networking > 1) I am not able to connect to my Centos Server BOX

Hi all, I want to run vsftp behind a firewall.(i.e DMZ zone) . It is runnig as passive ftp. the theroy behind passive ftp is , - FTP server''s port 21 from anywhere (Client initiates connection) - FTP server''s port 21 to ports > 1024 (Server responds to client''s control port) - FTP server''s ports > 1024 from anywhere (Client initiates data

Hi all, I'm a bit confused reading the RHEL System-Administrator-Guide regarding this: (1) iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 10.1.2.253:80 (2) iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.1.2.253:80 The first is for port forwarding, the second is said to be used for DMZ. But I tried both and the result is the same.

I made a boo boo in my config and put in this rule #PPTP DNAT net:213.67.241.162/217.209.46.204/32 loc:192.168.221.200 tcp 1723 DNAT net:213.67.241.162/32,217.209.46.204/32 loc:192.168.221.200 47 - And the the following happened.. and I wonder why it didn''t complain? I am sure I am just misunderstanding some doc

I have been trying to get DNAT to work and I actually have succeeded too, however, not how I thought it would work when reading through the documentation. 1. No matter what I do I cannot get DNAT to work unless I have an entry in eiter the nat or the proxyarp file. Is that really how it''s supposed to be? I can''t find anything about it in the documentation. 2. Also, in the

thanks again for your sharp eye and speedy response. i have corrected the typos in the IP in the masq file. I am sorry to have to ask for more help but my pc''s on the local network can''t reach the dmz webserver using the webserver''s local or Public IP address. I need to be able to do this in order to test the split DNS setup for the network. Using ethereal on the

Hi, I am running a ASTERISK BOX behind a firewall. It is at DMZ . Now I want to connect to my ASTERISK BOX from Internet. So I want to DNAT. How can I do it? Pls assume that ip address that connects to Internet on firewall is 1.2.3.4and is attached to eth0. And ASTERISK BOX is 192.168.101.23 Then, What is the rule (PREROUTING) for it? What is the port to DNAT? I think udp 5060. So I have