Results 1 to 1 of 1
Hi I have two firewalls, f1 and f2. Each firewall is connected to each other via eth1. And each firewall has a web server/client machine attached to it via eth0, ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 02-07-2006 #1
- Join Date
- Jan 2006
configure DNAT 2 x firewall problem
I have two firewalls, f1 and f2. Each firewall is connected to each other via eth1. And each firewall has a web server/client machine attached to it via eth0, c1 (connected to f1 eth0) and c2 (connected to f2 eth0).
I am having trouble configuring each firewall so that c1 can read web pages stored on c2 and vice versa.
I have the following ip addresses:
f1 eth1 = 18.104.22.168
f1 eth0 = 192.168.1.10
f2 eth1 = 22.214.171.124
f2 eth0 = 192.168.2.10
c1 eth0 = 192.168.1.1
c1 Default Gateway = 192.168.1.10
c2 eth0 = 192.168.2.1
c2 Default Gateway = 192.168.2.10
I have enabled ip forwarding and am hoping that the following scripts will work - can someone just take a look and let me know if the ipaddresses are in the right places or if something is wrong - what is wrong?:
iptables -t nat -A POSTROUTING -s 192.168.1.0/16 -j SNAT -o eth1 --to-source 126.96.36.199
iptables -t nat -A PREROUTING -d 188.8.131.52 -i eth1 -p TCP --dport 80 -j DNAT --to-destination 192.168.1.1
iptables -t nat -A POSTROUTING -s 192.168.2.0/16 -j SNAT -o eth1 --to-source 184.108.40.206
iptables -t nat -A PREROUTING -d 220.127.116.11 -i eth1 -p TCP --dport 80 -j DNAT --to-destination 192.168.2.1
I am not really to sure if the ipaddresses are correct - for example should the source ip address of f1 be of the f2 machine instead?
Thanks in advance - I really appreciate it.