hmm, if I understood you correctly, then this should work just fine (on linux firewall): /sbin/iptables -t nat -I PREROUTING -p tcp --dport 23 -j DNAT \ --to telnetserverip:port-number /sbin/iptables -I FORWARD -i external_interface -o internal_interface \ -p tcp -d telnetserverip --dport portnumberontelnetserver -j ACCEPT after a reboot or firewall service restart it's gone again. -vahur Frank M. Ramaekers wrote: > What is the best way to temporarily setup a port relay. I'm trying to > diagnose a problem with Cisco's latest VPN client and need to determine > if the problem is port number related. > > e.g. VPN client---------23-(Linux box to relay port)-------xx-(Telnet > server) > > (Keep in mind this is temporary and for debugging purposes) >