Jaap Winius wrote:
Hi all,
Ha Jaap,
After having configured my first iptables firewall, it looks as though I've already found something it can't handle. Well, I hope not... All was fine until a secondary external interface was added. I was hoping that I could configure the firewall to allow remote users to use either external interface to access a Windows server on a private net behind the firewall using VNC. At first I couldn't access the firewall via the secondary external interface at all, because the firewall was routing its responses out its default route -- the primary external interface -- and the ISP was dropping those packets (hot potato routing). However, after installing the advanced routing package (iproute), I configured a second default route and solved that problem.
That's strange. that means you have some very funny routing. You'ld better explain how your routing is set up. Also post the output of 'ip ro'.
M4
