Access NATted webserver from inside the network

From: sebmil (sebmil_at_invalid.mail)
Date: 08/08/04


Date: Sun, 08 Aug 2004 22:57:00 +0200

Hello,

I would like to know if it is possible to access a NATted webserver with
its external address from inside the network, and how.

Here's my network :

Webserver :
IP 192.168.0.54, connected to LAN

Router/gateway :
IP 192.168.0.55 on eth0, connected to LAN
Dynamic IP on ppp0, connected to Internet
routing port 80 (DNAT) to 192.168.0.54

LAN clients :
IP 192.168.0.xx, connected on LAN

I use dyndns services so i can access my server from outside with URL
like xxx.dyndns.org, and it works.

The problem is, from the LAN i would also like to access the webserver by
using the xxx.dyndns.org URL.

Here are my iptables rules :

iptables -P INPUT DROP
iptables -F INPUT

iptables -P OUTPUT ACCEPT
iptables -F OUTPUT

iptables -P FORWARD DROP
iptables -F FORWARD

iptables -t nat -F

iptables -A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A INPUT -i eth0 -j ACCEPT

iptables -A FORWARD -i ppp0 -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to-destination 192.168.0.54

iptables -A INPUT -i ppp0 -j REJECT --reject-with icmp-port-unreachable

iptables -A FORWARD -i ppp0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT

iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

Thanks in advance,

Sebmil.