Re: iptables rule doesn't work


 



This is my scenario:

LAN-A     ------------              PtP          -----------    LAN-B
 ---------------| Box A  |------------------------- | Box B  | ----------   
        eth0  ------------ eth1             eth1 ----------  eth0

Both boxes are identical; this means that both ETH1 must be configured
the same way, and the two eth0 too.
ETH1 has the NOARP flag set and I chose IP 192.168.0.20 for them.
Forwarding is enabled too.
The ETH0s have 192.168.1.15.
Both boxes run a web-server.

I then configured iptables as shown here on both boxes:

ifconfig eth1 192.168.0.20 -arp
iptables -t nat -F
iptables -t nat -A POSTROUTING -o eth1 -p tcp -j SNAT --to-source \
192.168.0.21:6000-6050
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT \
--to-destination 192.168.0.20:80
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8081 -j DNAT --to \
192.168.0.21:80

I try to connect with my browser on a notebook on LAN-A
to address 192.168.1.15:8080 and I expect to receive an answer from the BOX-B web
server, but nothing happens. Box B receives a TCP packet 192.168.0.21:6000 ->
192.168.0.21:80 on eth1 (tcpdump saw it), but the web server probably doesn't
receive this packet.

Thank you for your attention,
Antonio.
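
The following is an added example, not part of the original message: a simplified Python model of the three nat rules above that traces the first packet of a connection through Box A and then Box B. The notebook address 192.168.1.100:40000, the /24 netmasks, and the choice of the lowest port in the SNAT range are assumptions; the kernel may pick any free port in the range.

```python
# Simplified model of the nat-table rules quoted in the post (constructed example).
# It tracks only address/port rewriting for the first packet of a connection;
# ARP/NOARP behaviour, conntrack and reply traffic are not modelled.
from dataclasses import dataclass, replace

# Addresses configured on every box: eth1 and eth0 (both boxes are identical).
LOCAL_ADDRS = {"192.168.0.20", "192.168.1.15"}

@dataclass(frozen=True)
class Pkt:
    src: str
    sport: int
    dst: str
    dport: int

# (in_if, dport, new_dst, new_dport): the two PREROUTING DNAT rules, in order.
PREROUTING = [("eth1", 80, "192.168.0.20", 80),
              ("eth0", 8081, "192.168.0.21", 80)]
# POSTROUTING -o eth1 -p tcp -j SNAT --to-source 192.168.0.21:6000-6050
SNAT_SRC, SNAT_PORTS = "192.168.0.21", range(6000, 6051)

def traverse(pkt, in_if):
    """Return (packet after NAT, out_if); out_if is None for local delivery."""
    for rule_if, rule_dport, new_dst, new_dport in PREROUTING:
        if in_if == rule_if and pkt.dport == rule_dport:
            pkt = replace(pkt, dst=new_dst, dport=new_dport)
            break  # the first matching nat rule decides
    if pkt.dst in LOCAL_ADDRS:
        return pkt, None  # delivered to a local socket, POSTROUTING not reached
    # Assumption: /24 netmasks, so 192.168.0.x routes out eth1, the rest out eth0.
    out_if = "eth1" if pkt.dst.startswith("192.168.0.") else "eth0"
    if out_if == "eth1":
        # Assumption: lowest port of the range is chosen.
        pkt = replace(pkt, src=SNAT_SRC, sport=SNAT_PORTS[0])
    return pkt, out_if

if __name__ == "__main__":
    notebook = Pkt("192.168.1.100", 40000, "192.168.1.15", 8081)  # constructed
    on_wire, out_if = traverse(notebook, "eth0")       # through Box A
    print("Box A sends on", out_if, on_wire)
    at_b, b_out = traverse(on_wire, "eth1")            # arriving at Box B
    print("Box B after PREROUTING:", at_b, "local" if b_out is None else b_out)
    # dport 8080 matches neither PREROUTING rule and stays addressed to Box A.
    print(traverse(replace(notebook, dport=8080), "eth0"))
```

With destination port 8081 the model reproduces the packet seen by tcpdump on Box B's eth1 (192.168.0.21:6000 -> 192.168.0.21:80) and shows it rewritten to 192.168.0.20:80 by Box B's own PREROUTING rule.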


