Find the answer to your Linux question:
Results 1 to 2 of 2
Hello, I am trying to get a one to one NAT between two networks working on my Ubuntu 13.10 machine to no avail. The scenario is as follows. My machine ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2014
    Posts
    1

    Question One to One NAT with iptables does not work. Please help!


    Hello,

    I am trying to get a one to one NAT between two networks working on my Ubuntu 13.10 machine to no avail. The scenario is as follows. My machine has two NICs one with an IP address of 10.0.0.110 (eth5) and another with an IP address of 172.16.0.1 (eth4). There are three devices on the 172.16.0.x network that I wish to expose to the 10.0.0.x network. These devices IP addresses on the 172.16.0.x network as as follows.

    172.16.0.2
    172.16.0.3
    172.16.0.4

    I've allocated three IP addresses on the 10.0.0.x network for them, they are as follows.

    10.0.0.112 for 172.16.0.2
    10.0.0.113 for 172.16.0.3
    10.0.0.114 for 172.16.0.4

    I want to be able to access the three 172.16.0.x devices from the 10.0.0.x network through my Ubuntu machine. I've tried the following commands with no luck and I can't seem to find a solution anywhere.

    Code:
    iptables -A INPUT -j ACCEPT
    iptables -A FORWARD -j ACCEPT
    iptables -A OUTPUT -j ACCEPT
    
    iptables -A INPUT -p icmp -j ACCEPT
    iptables -A FORWARD -p icmp -j ACCEPT
    iptables -A OUTPUT -p icmp -j ACCEPT
    
    echo 1 > /proc/sys/net/ipv4/ip_forward
    
    iptables -t nat -I PREROUTING -d 10.1.0.112 -j DNAT --to-destination 172.16.0.2
    iptables -t nat -I PREROUTING -d 10.1.0.113 -j DNAT --to-destination 172.16.0.3
    iptables -t nat -I PREROUTING -d 10.1.0.114 -j DNAT --to-destination 172.16.0.4
    
    iptables -t nat -I POSTROUTING -s 172.16.0.2 -j SNAT --to-source 10.1.0.112
    iptables -t nat -I POSTROUTING -s 172.16.0.3 -j SNAT --to-source 10.1.0.113
    iptables -t nat -I POSTROUTING -s 172.16.0.4 -j SNAT --to-source 10.1.0.114
    All three 172.16.0.x devices look at 172.16.0.1 as their gateway. Can anyone please tell me what I'm doing wrong here as I cannot reach the three devices from the 10.0.0.x network.

    Thank You!!!!

  2. #2
    Just Joined!
    Join Date
    Aug 2009
    Location
    Mumbai, India
    Posts
    96
    Hi,

    Try the following instead if the last three POSTROUTING rules you've mentioned

    Code:
    iptables -t nat -I POSTROUTING -d 172.16.0.2 -j SNAT --to-source 172.16.0.1
    iptables -t nat -I POSTROUTING -d 172.16.0.3 -j SNAT --to-source 172.16.0.1
    iptables -t nat -I POSTROUTING -d 172.16.0.4 -j SNAT --to-source 172.16.0.1
    I've tried this for only one NAT rule compared to three you are trying to achieve.

    I hope you find this helpful though it's a late response

    --Syd
    Last edited by syd05; 06-11-2014 at 11:14 AM. Reason: reply correction

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •