[CentOS] SNAT question
peter.peltonen at gmail.com
Mon Nov 23 14:10:55 UTC 2009
I am unable to get my LAN masqueraded using SNAT with CentOS 5.3 and iptables.
I have the following setup:
eth0: connects to internet with static public IP 22.214.171.124 (obscured
here for privacy)
eth1: connects to DMZ with static public IP 126.96.36.199 (obscured here for privacy)
eth2: connects to LAN with static private IP 192.168.0.1
Traffic to hosts in the DMZ/Internet through eth0/1 work fine.
I tried masqueradig the LAN with following:
ptables -A FORWARD -i eth2 -j ACCEPT
iptables -A FORWARD -o eth2 -j ACCEPT
iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -o eth0 -j SNAT
After this I can ssh to a server in the Internet from the LAN using
the server's IP address but not its name. The w command on the server
tells me that my address has not been masqueraded (its 192.168.0.2,
the LAN client's private IP).
What am I doing wrong?
More information about the CentOS