Port forwarding across two firewalls

Hi all,

I have a static IP (10.2.1.15) on which I need to have both TCP and UDP
ports 5000 appearing to be external! The subnet I'm on has a firewall
(Debian) with an int IP 10.2.1.1 & ext 10.1.1.77 with gw 10.2.1.1 obviously.
The second firewall/router is a US Robotics ADSL Modem/Router with int IP
10.1.1.1 & ext 1.2.3.4.

When I lived in a house with just a Debian firewall and nothing configured
on the modem the following worked:

iptables -A FORWARD -p udp -d 10.2.1.15 --dport 5000 -j ACCEPT
iptables -A PREROUTING -t nat -p udp -d fw-ext --dport 5000 -j DNAT --to 10.2.1.15:5000

iptables -A FORWARD -p tcp -d 10.2.1.15 --dport 5000 -j ACCEPT
iptables -A PREROUTING -t nat -p tcp -d fw-ext --dport 5000 -j DNAT --to 10.2.1.15:5000

I've tried the same commands with fw-ext=10.1.1.77 and setting a 'port range
mapping' on the modem 10.1.1.77:5000-1.2.3.4:5000 for both UDP/TCP, but to
no avail!

Any gurus out there that can help/explain!?


Many thanks,
R



