Remember I said "for starters". You have to consider more things in order to make it work... depending on your networking environment. :-)

On 12/27/05, Richard Pickett <Richard.Pickett@xxxxxxxxxxxxxxxxxxx> wrote:
> Here's something to keep in mind on NAT, it only works if the NAT box is
> in-between both systems or you can double-NAT.
>
> Take this example:
>
>
>        NAT BOX
>           |
>   -----------------
>   |               |
> SYS A           SYS B
>
>
> A connects to NAT. A's connection looks like this:
>
> From: A:Portx
> To: NAT:Porty
>
> NAT NATs the packet to send it to B, the packet now looks like this:
>
> From: A:Portx
> To: B:Porty
>
> When B replies to the connection his packet looks like this:
>
> From: B:Porty
> To: A:Portx
>
> When this packet arrives at SYS A it doesn't recognize the connection,
> it's expecting all return packets to look like this:
>
> From: NAT:Porty
> To: A:Portx
>
> To make it work you have to double-NAT the packets. You have to NAT the
> PREROUTING to change the "TO", and the POSTROUTING to change the "FROM".
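
The reply path described in the quoted message, traced in a small simulation. This is an added example, not part of the original thread. The addresses and port numbers are constructed, and the simulation keeps Portx on the POSTROUTING rewrite, which a real NAT box need not do.

```python
# Constructed addresses and ports; the thread only names A, B, NAT, Portx, Porty.
A, B, NAT = "10.0.0.10", "10.0.0.20", "10.0.0.1"
PORTX, PORTY = 40000, 8080


def simulate(double_nat):
    """Trace one request/reply through the NAT box; return (accepted, trace)."""
    trace = []
    # A opens a connection to the NAT box and remembers which peer it expects.
    expected_peer = (NAT, PORTY)
    pkt = {"src": (A, PORTX), "dst": (NAT, PORTY)}
    trace.append(("A->NAT", dict(pkt)))

    # PREROUTING (DNAT): rewrite the "To" so the packet is delivered to B.
    conntrack = {"orig_src": pkt["src"], "orig_dst": pkt["dst"]}
    pkt["dst"] = (B, PORTY)
    if double_nat:
        # POSTROUTING (SNAT): rewrite the "From" so B answers the NAT box.
        # Assumption: the source port is kept; a real NAT may pick another.
        pkt["src"] = (NAT, PORTX)
    trace.append(("NAT->B", dict(pkt)))

    # B replies to whatever source address it saw on the request.
    reply = {"src": pkt["dst"], "dst": pkt["src"]}
    trace.append(("B reply", dict(reply)))

    if reply["dst"][0] == NAT:
        # The reply passes back through the NAT box, which reverses both rewrites.
        reply = {"src": conntrack["orig_dst"], "dst": conntrack["orig_src"]}
        trace.append(("NAT->A", dict(reply)))
    # Otherwise B delivers straight to A on the shared segment, bypassing NAT.

    # A only accepts a reply that comes from the peer it connected to.
    accepted = reply["dst"] == (A, PORTX) and reply["src"] == expected_peer
    return accepted, trace


if __name__ == "__main__":
    for mode in (False, True):
        ok, trace = simulate(mode)
        label = "double NAT" if mode else "PREROUTING only"
        print(label, "->", "accepted by A" if ok else "not recognized by A")
        for hop, p in trace:
            print(f"  {hop:8} From {p['src']}  To {p['dst']}")
```
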