I had the same problem some time ago, I couldn't have DNAT working on my second interface. Could you please post all your routing tables?
And also, what are your connections? Both PPP? PPPoE? ...
Best Regards,
Raphael Benedet 3D Artists - raph.com "bringing art into the third dimension"
Ming-Ching Tiew wrote:
I have two external IPs ( OUTSIDE_IP and OUTSIDE_IP2 ) and I have already set them up using multipath routing and the outbound nat traffic seems to be working fine, there is a certain amount of traffic split between the two external links.
But when checking the inbound port forwarding, only the port forwarding on the first link is working, the inbound to the second is not working.
These are the port forwarding rules I make :-
For the first link :-
iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport 80 -j DNAT --to ${SERVER}:80
iptables -A FORWARD -p tcp -d ${SERVER} --dport 801 -o ${INSIDE_DEVICE} -j ACCEPT
For the second link, it is identical :-
iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP2} --dport 80 -j DNAT --to ${SERVER}:80
iptables -A FORWARD -p tcp -d ${SERVER} --dport 801 -o ${INSIDE_DEVICE} -j ACCEPT
The second 'iptables -A FORWARD ...... ' is a repeat but it is done anyway ( which I believe should do no harm ).
A check on the 'iptables -n -L' and 'iptables -t nat -n -L' revealed that the settings did indeed exist.
Is there anything I missed which causes the inbound port forward to work only on the first link but not on the second link ?
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/