28 Sep
2005
28 Sep
'05
4:46 p.m.
Quoting Kirk Bocek t004@kbocek.com:
I did this successfully providing external SSH access to a collection of hosts on a private network. However for this to work, the hosts on the private net also need to be doing SNAT back out through the firewall.
Unless you are doing something funky, SNAT is not needed. All he needs is DNAT. Netfilter should take care of returning packets automagically (unless, as I said, you are doing something funky and confusing Netfilter with it).
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.