I realize this... as you can see from the tcpdump logs the packet makes
it to W2 just fine. I changed the port forward accordingly with each
attempt. I'm aware you can't forward to two internal addresses at the
same time.
MLS
Sietse van Zanen wrote:
You cannot use both servers on the same port externally, when accessing from the Internet. There is no way a client on the Internet can distinguish between the servers, as it only sees the IP address of your firewall.
Do either of the following.
Have your firewall forward two different ports to port 23 of your server:
FW port 23 -> W2 port 23
FW port 24 -> W3 port 23
Configure one of your servers to use a different port and set up port forwarding accordingly.
FW port 23 -> W2 port 23
FW port 24 -> W3 port 24
The first one will not break your internal network, the second is somewhat more symmetric. Asymmetric port forwarding might not work with certain software.
The only 'real' solution to use both machines on port 23 is to obtain an extra external IP address.
-Sietse
________________________________
From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx on behalf of WP
Sent: Wed 26-Jul-06 13:45
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: IPTables problem perhaps related to ECN/CWR flags?