Hi...

I have a gateway connecting to a remote network (via wireless). The remote network uses MAC filtering and provides DNS servers and a VPN server.

The gateway is set up to do IP masquerading using the following commands:

Code:
#FWD: Allow all connections OUT and only existing and related ones IN
$IPTABLES -A FORWARD -i ath0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i eth0 -o ath0 -j ACCEPT
$IPTABLES -A FORWARD -j LOG

#Enabling SNAT (MASQUERADE) functionality on EXT IF
$IPTABLES -t nat -A POSTROUTING -o ath0 -j MASQUERADE

Where ath0 is the wireless interface connecting to the remote network and eth0 is the interface connecting to the local network.

When I do a name server lookup from a local computer (behind the gateway) this shows up in the gateway's logs:

Code:
kernel: IN=eth0 OUT=ath0 SRC=192.168.0.2 DST=146.232.128.10 LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=1674 DPT=53 LEN=39

Where 146.232.128.10 is one of the nameservers.

As far as I can determine this should work, but the lookup requests time out.

Can this be because my local computer's MAC address gets blocked by the remote network?

Is there anything else I missed? Why won't this work?

PS: I can ping all computers from each other - and I can browse the remote network from the gateway.

Thanks a lot...
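
An added example, not part of the original post: it parses the kernel LOG line quoted above and walks it through the three FORWARD rules in the order they were appended, using iptables first-match semantics (ACCEPT ends the walk, LOG does not). Assumptions: the chain holds only those three rules, the DNS query is in conntrack state NEW, and the chain policy is ACCEPT; `parse_log` and `walk_forward` are hypothetical helper names.

```python
import re

# Constructed from the post: the logged packet and the posted FORWARD rules.
# The log line carries no conntrack state, so the caller supplies it
# (assumption: a fresh DNS query is NEW).
LOG_LINE = ("kernel: IN=eth0 OUT=ath0 SRC=192.168.0.2 DST=146.232.128.10 LEN=59 "
            "TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=1674 DPT=53 LEN=39")

FORWARD_RULES = [
    {"in": "ath0", "out": "eth0", "states": {"ESTABLISHED", "RELATED"}, "target": "ACCEPT"},
    {"in": "eth0", "out": "ath0", "states": None, "target": "ACCEPT"},
    {"in": None, "out": None, "states": None, "target": "LOG"},
]

def parse_log(line):
    """Split a netfilter LOG line into KEY=VALUE fields. The first occurrence
    wins (LEN appears twice: IP total length, then UDP length)."""
    fields = {}
    for key, value in re.findall(r"\b([A-Z]+)=(\S*)", line):
        fields.setdefault(key, value)
    return fields

def walk_forward(pkt, state, rules=FORWARD_RULES, policy="ACCEPT"):
    """First-match traversal of the chain. Returns (verdict, rule numbers that
    logged the packet); rule numbers are 1-based, as iptables prints them."""
    logged = []
    for num, rule in enumerate(rules, start=1):
        if rule["in"] and rule["in"] != pkt.get("IN"):
            continue
        if rule["out"] and rule["out"] != pkt.get("OUT"):
            continue
        if rule["states"] and state not in rule["states"]:
            continue
        if rule["target"] == "LOG":
            logged.append(num)   # LOG is non-terminating: keep walking
            continue
        return rule["target"], logged
    return policy, logged        # nothing terminated: chain policy applies

if __name__ == "__main__":
    pkt = parse_log(LOG_LINE)
    verdict, logged = walk_forward(pkt, state="NEW")
    print(pkt["IN"], pkt["OUT"], pkt["PROTO"], pkt["DPT"], "->", verdict,
          "logged by rules", logged)
```

Under those assumptions the eth0 to ath0 query is accepted by the second rule and never reaches the LOG rule, so a log entry for it points to a rule that is not in the posted listing. `iptables -L FORWARD -n -v --line-numbers` prints the chain as it is actually loaded, with per-rule packet counters.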