This is my network layout:
Code:
[internet]--DSL--[router]--eth1--[Redhat Box]--eth0--[Switch]
| | |
| | `-[WIN2k3]
| `---[WINXP]
`-----[Others]
The WIN2K3 server is running Terminal Services on port 3389 and IP 192.168.0.6
The WINXP Machine is my desktop IP 192.168.0.2
The Router has an IP of 192.168.1.1 on the LAN Side, and My Public IP on the other side (For the purposes of this Post I will call it 82.255.255.255)
eth1 on The Redhat box has the IP 192.168.1.2 - and an alias of 82.255.255.255 (as eth1:0)
eth0 has an IP of 192.168.0.5
I have used the following IPTables rules to setup port forwarding from the Internet to the WIN2K3 box and It worked:
Code:
iptables -F POSTROUTING -t nat
iptables -A POSTROUTING -t nat -d 192.168.0.0/16 -j ACCEPT
iptables -A POSTROUTING -t nat -d 127.0.0.0/8 -j ACCEPT
iptables -A POSTROUTING -t nat -j SNAT --to-source 192.168.1.2
iptables -A POSTROUTING -t nat -p tcp --dport 3389 -j SNAT --to-source 192.168.1.2
iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 3389 -j DNAT --to 192.168.0.6:3389
This works fine, and allows me to Connect to the box from outside my home.
However, normally I would connect to the box from inside the network using 192.168.0.6 - BUT, I would like to set it up so that I can connect to it using 82.255.255.255 (WAN IP)
I was wondering What I would need todo to the above IPTables code to allow what I want.
I know what I want may seem strange, and alot of you will think "Why not jsut use 192.168.0.6?"
But there is some additional services on the win2k3 box which use clients with a hard coded IP (My external IP) and thus can't be changed to internal IP. These Clients work fine from outside the network, but not from inside (due to the port forwarding not working from inside)
Any help would be greatful.
-DF
