[SOLVED] How to do NAT in Iptables? ..(IP Public to Internal IP)
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
202.a.b.166/32 is this Linux firewall box?..
are you sure?
202.a.b.162/32 is mail server
This is your post, here you said that: 202.a.b.162/32 is mail server.
Can you please, be more definite.
If your mail server IP is 172.16.1.69, and you can ping 202.a.b.166 from internet, then next rule should do what you want:
Linux box can do it.
Packets from internet will come to eth0=202.a.b.166, go through firewall, through router and go to second interface eth1=172.16.1.1, then to mail server=172.16.1.69
yes, that also what I thought, Linux-firewall box on 202.a.b.166 receives package from internet, if incoming package destination is to IP 202.a.b.162 and destination port is 25 then it should be forwarded to 172.16.1.69:25 .. but it does not work ..this really make me confusing today :<(
What makes you confusing is you do not understand that if packets from internet was addressed to 202.a.b.166, they will never go any farther because their destination address is 202.a.b.166. That is why you use iptables router - you manually resend them where you want.
That is happen because only 202.a.b.166 is reachable from internet and remote computer can address its packets only to 202.a.b.166, it does not know about anything else.
Hi,
so the all packets will arrives on eth0 202.a.b.166 and go to eth2=172.16.1.1..
but how to make access-list for
202.a.b.162 should be forwarded to 172.16.1.169 for smtp and pop3?
I am asking you this.. because I put dns record for smtp & pop3 @202.a.b.162
please advise
thanks & regards
If you put DNS record to IP=202.a.b.162 for your mail server, it means that mail client will attempt to connect to IP=202.a.b.162 and 202.a.b.162 should be reachable from internet. Is it?
Can you ping 202.a.b.162 from internet?
currently, I am using CISCO PIX, I am unable to ping 202.a.b.162 but I able to port-forwarding..
using Linux.. I am unable to ping 202.a.b.162 and I also unable to port-forwarding
DNS record gives an IP address, which is used for connection from internet. If 202.a.b.166 is reachable from internet, you should put it in DNS. And then with Linux you will forward this connection to any internal IP and ports.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
