You do not need to use any proxy settings in browsers on you internal network computers when you are using NAT on the router. I think that you should use the following iptables configuration on the router: iptables -t nat -A POSTROUTING -s <internal_network_addresses> -o eth1 -j MASQUERADE iptables -t filter -A FORWARD -s <internal_network_addresses> -j ACCEPT iptables -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t filter -A FORWARD -j DROP Instead of the last three lines you can set the default polucy of FORWARD chain to ACCEPT and flust the chain, however, I think this would be less secure. Alexey Fadyushin Brainbench MVP for Linux http://www.brainbench.com Jim Austin wrote: > > Hello, > > Am trying to set up IP masquerading on my RH9 box that has two NICs. > One connects to a W2k box (eth0) and the other (eth1) to a DSL DHCP > connection. Ping connection is fine between the two PCs is fine. Here > is what I've done. > > 1) ip_forward is turned on. > 2) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > 3 ) Default gateway on the W2k box is the IP of the eth0 interface on > the RH9 box. > 4) DNS servers are setup on the W2k box. > > Not sure how to configure Moizilla on the Windows machine... I've tried > using a manual proxy connection with the HTTP proxy ip of the eth0 on > RH9 and a port of 8080. Nada... Can't ping through the RH9 box to ISP > either. > > Would sure appreciate it if someone can help. What I am missing? > Thanks very much, > Jim > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
