Access to Internal server via public address

Anyone,

  The Problem:  I have an alias public address DNAT'ed to an internal
address - normal and working

  What I need is to access this server using the PUBLIC address from an
internal workstation.  What I have:

	INTNIC = eth1
	EXTNIC = eth0

	INTERNALNET = 192.168.20.0/24

	FIREALLIP = 1.2.3.4
	DNATADDR = 1.2.3.5

  /sbin/iptables -I FORWARD -p tcp -i eth0 -o eth1 -d 192.168.20.0/24 --dport 22 -j ACCEPT
  /sbin/iptables -t nat -A PREROUTING -p tcp -d 1.2.3.5 -s ! 192.168.20.0/24 --dport 22 -j DNAT --to-destination 192.168.20.22:22

  I also have a SNAT for masquerading everything going out

	/sbin/iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -o eth0 -j SNAT --to-source 1.2.3.4

  I have searched for a solution longer than I care to admit.  Can
anyone give me an example on how to allow an internal ip address access
to another internal address via the DNAT'ed public address?

Vernon Fort
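
An added example, not part of the original post: the rules a hairpin (NAT reflection) setup needs on top of the ones quoted above, printed for review rather than applied. `INT_SERVER`, `FW_INT_IP` (the firewall's eth1 address, which the post does not give) and the function name `hairpin_rules` are assumptions.

```shell
#!/bin/sh
# Added example: prints the hairpin NAT rules; it does not touch the firewall.
# Addresses mirror the post except FW_INT_IP, which is an assumed value.
INTNIC=eth1
INTERNALNET=192.168.20.0/24
DNATADDR=1.2.3.5
INT_SERVER=192.168.20.22
FW_INT_IP=192.168.20.1   # assumption: firewall's address on eth1

hairpin_rules() {
    # 1. DNAT for LAN clients. The post's PREROUTING rule skips them
    #    because of "-s ! 192.168.20.0/24", so their packets to 1.2.3.5
    #    are never rewritten to the internal server.
    echo "/sbin/iptables -t nat -A PREROUTING -p tcp -i $INTNIC -s $INTERNALNET -d $DNATADDR --dport 22 -j DNAT --to-destination $INT_SERVER:22"

    # 2. SNAT the redirected flow to the firewall's internal address.
    #    Without this the server answers the client directly from
    #    192.168.20.22, the client expected a reply from 1.2.3.5, and
    #    the connection is reset. The post's SNAT rule only covers -o eth0.
    echo "/sbin/iptables -t nat -A POSTROUTING -p tcp -o $INTNIC -s $INTERNALNET -d $INT_SERVER --dport 22 -j SNAT --to-source $FW_INT_IP"

    # 3. Let the flow be forwarded in and out of the same interface.
    #    The post's FORWARD rule only matches eth0 -> eth1.
    echo "/sbin/iptables -I FORWARD -p tcp -i $INTNIC -o $INTNIC -s $INTERNALNET -d $INT_SERVER --dport 22 -j ACCEPT"

    # 4. Replies for that flow (only needed if FORWARD does not already
    #    accept established traffic).
    echo "/sbin/iptables -I FORWARD -i $INTNIC -o $INTNIC -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

hairpin_rules
```

With rule 2 in place the SSH server logs every LAN client under the firewall's internal address, so per-host attribution for internal logins has to come from the firewall's connection tracking or logs instead.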



