Hi, I am unable to get my LAN masqueraded using SNAT with CentOS 5.3 and iptables. I have the following setup: eth0: connects to internet with static public IP 1.2.3.1 (obscured here for privacy) eth1: connects to DMZ with static public IP 1.2.3.2 (obscured here for privacy) eth2: connects to LAN with static private IP 192.168.0.1 Traffic to hosts in the DMZ/Internet through eth0/1 work fine. I tried masqueradig the LAN with following: ptables -A FORWARD -i eth2 -j ACCEPT iptables -A FORWARD -o eth2 -j ACCEPT iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -o eth0 -j SNAT --to-source 1.2.3.1 After this I can ssh to a server in the Internet from the LAN using the server's IP address but not its name. The w command on the server tells me that my address has not been masqueraded (its 192.168.0.2, the LAN client's private IP). What am I doing wrong? Best, Peter