Indunil Jayasooriya wrote:
I have not added it to prerouting chain. I added just
now. Forward, input and output chains have it.
PREROUTING must not have it. Only the three filter chains and only if
you use the state machine.
telnet 2.3.4.5 <http://2.3.4.5> 25
it accepts, It works.
OK, so DNAT at the second firewall works already. I missed that.
Now what I need is that I want to telnet to first firewall, then, it
will forward to second firewall, second firewall will forward to actual
mail server.
Yes I got that.
Anyway, it's hard to guess without seeing all the rules of the first
firewall. Do any other DNAT's at the first firewall work already?
Is forwading enabled? "cat /proc/sys/net/ipv4/ip_forward" should be "1".
Oh, and by the way. I assumed your routing is in place. Is the the
second firewalls default route (gateway) the first firewall?
You can look at it with "ip route list | grep default".
If 1.2.3.4 and 2.3.4.5 are both external IP's then it's probably the
problem.
--
Aleksander Kamenik
system administrator
+372 6659 649
aleksander@xxxxxxxxxxxxxxx
Krediidiinfo AS
http://www.krediidiinfo.ee/
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
