Re: DNAT PREROUTING issue with IPTABLES
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Indunil Jayasooriya wrote:
I have not added it to prerouting chain. I added justnow. Forward, input and output chains have it.
PREROUTING must not have it. Only the three filter chains and only if you use the state machine.
telnet 18.104.22.168 <http://22.214.171.124> 25 it accepts, It works.
OK, so DNAT at the second firewall works already. I missed that.
Now what I need is that I want to telnet to first firewall, then, it will forward to second firewall, second firewall will forward to actual mail server.
Yes I got that.Anyway, it's hard to guess without seeing all the rules of the first firewall. Do any other DNAT's at the first firewall work already?
Is forwading enabled? "cat /proc/sys/net/ipv4/ip_forward" should be "1".Oh, and by the way. I assumed your routing is in place. Is the the second firewalls default route (gateway) the first firewall?
You can look at it with "ip route list | grep default".If 126.96.36.199 and 188.8.131.52 are both external IP's then it's probably the problem.
-- Aleksander Kamenik system administrator +372 6659 649 aleksander@xxxxxxxxxxxxxxx Krediidiinfo AS http://www.krediidiinfo.ee/ _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc