Hi

I have two firewalls, f1 and f2. The firewalls are connected to each other via eth1, and each firewall has a web server/client machine attached to it via eth0: c1 (connected to f1 eth0) and c2 (connected to f2 eth0).

I am having trouble configuring each firewall so that c1 can read web pages stored on c2 and vice versa.

I have the following IP addresses:
f1 eth1 = 193.63.1.1
f1 eth0 = 192.168.1.10

f2 eth1 = 193.63.1.2
f2 eth0 = 192.168.2.10

c1 eth0 = 192.168.1.1
c1 Default Gateway = 192.168.1.10

c2 eth0 = 192.168.2.1
c2 Default Gateway = 192.168.2.10

I have enabled IP forwarding and am hoping that the following scripts will work. Can someone just take a look and let me know if the IP addresses are in the right places or, if something is wrong, what is wrong?

F1:
iptables -t nat -A POSTROUTING -s 192.168.1.0/16 -j SNAT -o eth1 --to-source 193.63.1.1
and
iptables -t nat -A PREROUTING -d 193.63.1.1 -i eth1 -p TCP --dport 80 -j DNAT --to-destination 192.168.1.1

F2:
iptables -t nat -A POSTROUTING -s 192.168.2.0/16 -j SNAT -o eth1 --to-source 193.63.1.2
and
iptables -t nat -A PREROUTING -d 193.63.1.2 -i eth1 -p TCP --dport 80 -j DNAT --to-destination 192.168.2.1

I am not really too sure if the IP addresses are correct. For example, should the source IP address of f1 be that of the f2 machine instead?

Please help

Thanks in advance - I really appreciate it.

Sam
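
The following is an added example, not part of the original post: a small Python model that walks one HTTP request through the SNAT and DNAT rules exactly as posted, so the address rewrite at each hop is visible. It assumes c1 requests f2's eth1 address (193.63.1.2) and that the -i/-o eth1 matches are satisfied; the function names and the RULES table are made up for this illustration.

```python
import ipaddress

# Rules as posted, reduced to the fields that decide a match.
# Assumption: the -o eth1 / -i eth1 matches hold on the f1<->f2 link.
RULES = {
    "f1": {"snat_src": "192.168.1.0/16", "snat_to": "193.63.1.1",
           "dnat_dst": "193.63.1.1", "dnat_to": "192.168.1.1"},
    "f2": {"snat_src": "192.168.2.0/16", "snat_to": "193.63.1.2",
           "dnat_dst": "193.63.1.2", "dnat_to": "192.168.2.1"},
}

def effective_net(cidr):
    # iptables masks off host bits, so 192.168.1.0/16 is matched as 192.168.0.0/16.
    return ipaddress.ip_network(cidr, strict=False)

def postrouting(fw, pkt):
    """SNAT on the way out of eth1: rewrite the source if it matches -s."""
    r = RULES[fw]
    if ipaddress.ip_address(pkt["src"]) in effective_net(r["snat_src"]):
        return {**pkt, "src": r["snat_to"]}
    return pkt

def prerouting(fw, pkt):
    """DNAT on the way in on eth1: rewrite the destination for TCP port 80."""
    r = RULES[fw]
    if pkt["dst"] == r["dnat_dst"] and pkt["dport"] == 80:
        return {**pkt, "dst": r["dnat_to"]}
    return pkt

def walk(client_fw, server_fw, client_ip):
    """Trace one HTTP request from a client to the other firewall's eth1 address."""
    pkt = {"src": client_ip, "dst": RULES[server_fw]["dnat_dst"], "dport": 80}
    hops = [("leaves client", dict(pkt))]
    pkt = postrouting(client_fw, pkt)
    hops.append((f"after {client_fw} POSTROUTING", dict(pkt)))
    pkt = prerouting(server_fw, pkt)
    hops.append((f"after {server_fw} PREROUTING", dict(pkt)))
    return hops

if __name__ == "__main__":
    for label, p in walk("f1", "f2", "192.168.1.1"):
        print(f"{label:26} src={p['src']:<13} dst={p['dst']}:{p['dport']}")
    # The /16 mask is wider than either LAN: it also covers the other side's subnet.
    print("effective -s on f1:", effective_net(RULES["f1"]["snat_src"]))
```

Replies need no extra rules in this model: connection tracking reverses both translations for packets belonging to the same connection.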