Hi, I have a problem here, that maybe I can solve using DNS, but this can be very bad and ugly for me to maintain. I have a internal network that uses a external DNS to solve addresses. I also have some servers in this internal network that can be accessed from outside via aliases on NAT/FW redirecting some ports to internal servers. My problem is that, when I try to connect to a internal server, using the external and real IP, I cannot because my FW/NAT appears to be confused or misconfigured. For example: Internal Network: 172.16.48.0/24 My IP: 172.16.48.10 Server Internal IP: 172.16.48.20 * Both are on the same network Server External IP: 200.180.180.20 (IP alias on FW/NAT machine, that redirects to 172.16.48.20) DNS name of Server: server.domain.com, points to 200.180.180.20 When I try to connect into server.domain.com from internal machines, DNS resolves the external IP and the connection to the real IP does not complete, since the packet goes "out" of my network and must "enter" again. Here is a sample on how my iptables script is configured: ==================================================================== # server iptables -t nat -A POSTROUTING -s 172.16.48.20 -j SNAT --to-source 200.180.180.20 iptables -t nat -A PREROUTING -s 0/0 -d 200.180.180.20 -j DNAT --to-destination 172.16.48.20 # NAT for the rest of the world iptables -t nat -A POSTROUTING -o eth1 -s 172.16.48.0/24 -j SNAT --to-source 200.180.180.22 ===================================================================== I don't know how to better explain my problem... I hope someone understood that... Any idea on this ? Thanks... Herbert
