I have a gateway connecting to a remote network (via wireless). The remote network uses MAC filtering and provides DNS servers and a VPN server.

The gateway is set up to do IP masquerading using the following commands:

#FWD: Allow all connections OUT and only existing and related ones IN
$IPTABLES -A FORWARD -i ath0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i eth0 -o ath0 -j ACCEPT

#Enabling SNAT (MASQUERADE) functionality on EXT IF

Where ath0 is the wireless interface connecting to the remote network and eth0 is the interface connecting to the local network.

When I do a name server lookup from a local computer (behind the gateway) this shows up in the gateway's logs:

kernel: IN=eth0 OUT=ath0 SRC= DST= LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=1674 DPT=53 LEN=39
Where is one of the nameservers.

As far as I can determine this should work, but the lookup requests time out.

Can this be because my local computer's MAC address gets blocked by the remote network?

Is there anything else I missed? Why won't this work?

PS: I can ping all computers from each other - and I can browse the remote network from the gateway.

Thanks a lot...
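
One way to check the gateway's log for DNS queries that were forwarded out but never answered, as an added example that is not part of the original post. It assumes a LOG rule in the FORWARD chain sees packets in both directions; the function names and the sample addresses are made up for illustration.

```python
import re

# Constructed sample lines in the netfilter LOG format shown in the post.
# The addresses are documentation-range placeholders, not values from the post.
SAMPLE_LOG = """\
kernel: IN=eth0 OUT=ath0 SRC=192.168.1.10 DST=192.0.2.53 LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=1674 DPT=53 LEN=39
kernel: IN=eth0 OUT=ath0 SRC=192.168.1.10 DST=192.0.2.53 LEN=59 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=1675 DPT=53 LEN=39
kernel: IN=ath0 OUT=eth0 SRC=192.0.2.53 DST=192.168.1.10 LEN=75 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=UDP SPT=53 DPT=1675 LEN=55
"""

FIELD = re.compile(r"(\w+)=(\S*)")


def parse_line(line):
    """Return the KEY=value fields of one LOG line as a dict. The first value
    wins, so the IP-level LEN is kept rather than the later UDP LEN."""
    fields = {}
    for key, value in FIELD.findall(line):
        fields.setdefault(key, value)
    return fields


def unanswered_dns(log_text, lan_if="eth0", wan_if="ath0"):
    """Return (client, server, source_port) for each forwarded DNS query that
    has no logged reply in the opposite direction."""
    pending = []
    for line in log_text.splitlines():
        f = parse_line(line)
        if f.get("PROTO") != "UDP":
            continue
        flow = (f.get("IN"), f.get("OUT"))
        if flow == (lan_if, wan_if) and f.get("DPT") == "53":
            # In FORWARD the query still carries the LAN source address,
            # because SNAT/MASQUERADE is applied later, in POSTROUTING.
            pending.append((f.get("SRC"), f.get("DST"), f.get("SPT")))
        elif flow == (wan_if, lan_if) and f.get("SPT") == "53":
            # Replies are de-NATed before FORWARD, so DST is the LAN client.
            key = (f.get("DST"), f.get("SRC"), f.get("DPT"))
            if key in pending:
                pending.remove(key)
    return pending


if __name__ == "__main__":
    for client, server, port in unanswered_dns(SAMPLE_LOG):
        print(f"no reply logged: {client}:{port} -> {server}:53")
```

A query that stays in the result was forwarded out of ath0 with no reply logged coming back through the gateway.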