Hello list,

One computer on my internal LAN has the IP 10.2.89.250 and I need to reach this IP from the Internet. OK, my security scheme does not permit this; however, the first NAT is

    iptables -t nat -A PREROUTING -d 148.243.xxx.xxx -p tcp --dport 80 -j DNAT --to 192.168.0.115

192.168.0.115 is the Linux box, and it knows my internal LAN. For example:

    telnet 10.2.89.250 80
    Trying 10.2.89.250...
    Connected to 10.2.89.250.
    Escape character is '^]'.
    get
    HTTP/1.1 400 Bad Request

I get this answer, so I try to make the second NAT on the Linux box near the internal LAN:

    iptables -t nat -A PREROUTING -d 192.168.0.115 -p tcp --dport 80 -j DNAT --to 10.2.89.250

ip_conntrack logs the following lines when I try to connect from the Internet:

    tcp 6 104 SYN_SENT src=132.248.69.34 dst=192.168.0.115 sport=57572 dport=80 [UNREPLIED] src=10.2.89.250 dst=132.248.69.34 sport=80 dport=57572 use=1
    tcp 6 104 SYN_SENT src=132.248.69.34 dst=192.168.0.115 sport=57572 dport=80 [UNREPLIED] src=10.2.89.250 dst=132.248.69.34 sport=80 dport=57572 use=1

Can somebody help me?

--
Ivan Rodriguez Aguilar <ivan@xxxxxxxxxxxx>
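
How to read the conntrack entries quoted in the message above, as an added example that is not part of the original post: the script splits an ip_conntrack line into its original and reply tuples and reports which translation was recorded and whether any reply packet has been seen. The function names `parse_conntrack` and `diagnose` are hypothetical; the sample line is copied from the post.

```python
import re

# Entry copied from the post above (/proc/net/ip_conntrack format).
SAMPLE = ("tcp 6 104 SYN_SENT src=132.248.69.34 dst=192.168.0.115 "
          "sport=57572 dport=80 [UNREPLIED] src=10.2.89.250 "
          "dst=132.248.69.34 sport=80 dport=57572 use=1")
TUPLE_KEYS = ("src", "dst", "sport", "dport")


def parse_conntrack(line):
    """Split one ip_conntrack line into its original and reply tuples."""
    fields = line.split()
    entry = {"proto": fields[0], "timeout": int(fields[2]),
             "state": None, "flags": [], "original": {}, "reply": {}}
    for tok in fields[3:]:
        if tok.startswith("[") and tok.endswith("]"):
            entry["flags"].append(tok.strip("[]"))
        elif "=" in tok:
            key, val = tok.split("=", 1)
            if key in TUPLE_KEYS:
                # First occurrence of a key is the original direction, second the reply.
                side = "reply" if key in entry["original"] else "original"
                entry[side][key] = val
        elif entry["state"] is None:
            entry["state"] = tok
    return entry


def diagnose(entry):
    """Describe what the entry shows about NAT and the return path."""
    orig, reply = entry["original"], entry["reply"]
    notes = []
    # Without DNAT the reply source equals the original destination.
    if reply["src"] != orig["dst"]:
        notes.append(f"DNAT applied: {orig['dst']}:{orig['dport']} -> "
                     f"{reply['src']}:{reply['sport']}")
    # Without SNAT the reply destination equals the original source.
    if reply["dst"] != orig["src"]:
        notes.append(f"SNAT applied: {orig['src']} -> {reply['dst']}")
    if "UNREPLIED" in entry["flags"]:
        notes.append(f"no packet seen yet from {reply['src']} back to "
                     f"{reply['dst']} (state {entry['state']})")
    return notes


if __name__ == "__main__":
    for note in diagnose(parse_conntrack(SAMPLE)):
        print(note)
```

For the quoted entry this reports that the destination was rewritten to 10.2.89.250 and that the box had not yet seen any packet in the reply direction.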