On Tue, 2004-09-28 at 06:21, hamals@xxxxxxxxxxx wrote: > I have a big problem > > I have a web server in my DMZ, I reach it with his > internal IP 192.168.1.10 from my internal LAN, but I can't > reach them with his public IP. > > I did a DNAT and from internet everythings is ok, my web > server is working in right by DNAT. > > Where is the problem? <snip> There could be several causes. Did you remember to bind the public address to the public firewall NIC so that it responds to ARP requests? For example, if the firewall is at 1.1.1.2 and you want the web server to be at 1.1.1.3 then do ip add address 1.1.1.3/24(or whatever the mask bit count is) dev eth0(or whatever the device name is) brd + You can find a short slide show on using the ip command at http://iscs.sourceforge.net Good luck - John -- John A. Sullivan III Chief Technology Officer Nexus Management +1 207-985-7880 john.sullivan@xxxxxxxxxxxxx --- If you are interested in helping to develop a GPL enterprise class VPN/Firewall/Security device management console, please visit http://iscs.sourceforge.net
