iptables DMZ
 

Hi.

I'm currently about to set up a DMZ but I've encountered some issues.

From the ISP I've a /30 network and I own a /27 network which is behind the /30.

On the linux box I've 3 interfaces. 1 to internet /30, one internal and one DMZ.

I've enabled ip_forward and been poking around with iptables in all directions I can think of but I still only get 1 way traffic to the DMZ. One way as in the traffic from the outside passes to the servers in DMZ but when sending traffic back over DMZ the traffic gets stuck in the DMZ interface on the router.

Right now I've scrapped all config except for ip_forward and MASQ of the internal network. The MASQ only applies for the internal IP-range.

Please advice.

What is in your current iptables script?

Brian

I managed to fix it eventually, I realized that I had the routing IP as my secondary IP, seams like RHEL didn't like this for some reason.

For iptables, only MASQ for the internal network was necessary, the routing tables handled the rest.