Hi there, I've got to manage Internet Traffic, Extranet Traffic and LAN in all directions and variants. And now I am at a point where I realize that I got too complex for my amount of sleep. The issue is simple: I can't connect to Extranet machines from localhost (NAT-Router). No ping, no TCP-connections, but traceroute. >From LAN-Machines I can connect and it is NATted correctly. I have put the iptables script, tcpdump output and the output of 'route' and ip route|rule on http://robtone.mine.nu/hm.html Thanks if someone could give me a little hint or anything which would bring me to the right track. I'm not sure whether I do wrong policy routing or maybe i forgot some rules in the iptables script. I really don't know where the packets get lost. Best regards, Robert Felber
