On Mon, Jan 27, 2014 at 2:48 PM, Ray Soucy <rps@xxxxxxxxx> wrote:
> The term you're looking for is "NAT reflection" or "hairpin NAT".
>
> If you're not running split DNS, then trying to reach a system via its
> "outside" IP from an internal system will present a problem because
> the source IP of the request is seen as on-link by the server, so the
> server responds directly from an unexpected source IP and the
> requesting host drops the request.
>
> You can get around this issue by NATing the return traffic when it's to
> and from the internal network.
>
> Assuming that your inside interface is eth1, and your inside IP
> network is 192.168.0.0/23:
>
> iptables -t nat -A POSTROUTING -s 192.168.0.0/23 -d 192.168.0.0/23 -o eth1 -j MASQUERADE
>

That did not seem to work either. Getting the same results. Thanks.

> Split DNS, however, is a better approach, if you can do it (using
> views in BIND).

Yes, if I can get time to set up a BIND server. I just need some more time.

--
Scott Mayo
Mayo's Pioneer Seeds
PH: 573-568-3235
CE: 573-614-2138
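
The hairpin problem described in the quoted reply, traced as a small model. This is an added example, not code from the thread: the router address, the "outside" IP, the server and client addresses, and the DNAT step are all assumptions. Only the 192.168.0.0/23 network and the MASQUERADE match come from the message. It also traces an external client to show why only inside hosts are affected.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.0.0/23")  # inside network named in the thread
ROUTER_LAN = "192.168.0.1"   # assumed address of the router's eth1
PUBLIC_IP = "203.0.113.5"    # assumed "outside" IP (documentation range)
SERVER = "192.168.0.20"      # assumed internal server behind the DNAT


def on_link(ip):
    """True if ip is inside the LAN, i.e. reachable without the router."""
    return ipaddress.ip_address(ip) in LAN


def trace(client, masquerade):
    """Follow one request to PUBLIC_IP and its reply.

    Returns (source address on the reply the client receives, accepted?).
    """
    expected = PUBLIC_IP                 # client only accepts replies from here
    src, dst = client, SERVER            # assumed PREROUTING DNAT: PUBLIC_IP -> SERVER
    # POSTROUTING: -s LAN -d LAN -o eth1 -j MASQUERADE (match from the thread)
    if masquerade and on_link(src) and on_link(dst):
        src = ROUTER_LAN
    # The server answers whatever source address it saw.
    reply_src, reply_dst = SERVER, src
    via_router = reply_dst == ROUTER_LAN or not on_link(reply_dst)
    if via_router:
        # Connection tracking on the router undoes the translations.
        reply_src = PUBLIC_IP
    # Otherwise the reply crossed the LAN directly and stayed untranslated.
    return reply_src, reply_src == expected


if __name__ == "__main__":
    # Constructed cases: inside client without and with SNAT, then an outside client.
    for client, masq in [("192.168.0.10", False), ("192.168.0.10", True),
                         ("198.51.100.7", False)]:
        print(client, "masquerade" if masq else "no SNAT", trace(client, masq))
```
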