Re: Problem with NAT

From: Robert <noone@xxxxxxxxxxxxxxx>
Date: Fri, 26 Jan 2007 18:11:59 -0500

On Thu, 25 Jan 2007 11:31:32 -0800, dpenev wrote:

Hi All,

I have a configuration with two PCs.

I have telnet server on PC2 and would like to connect to it from
outside
(I can telnet PC2 from PC1)

I would advise you to switch to SSH when doing anything from the outside.

=======================================================
I have specified the following rules in my iptables
[root@localhost log]# /sbin/iptables-save
# Generated by iptables-save v1.3.5 on Thu Jan 25 20:18:56 2007
*nat
:PREROUTING ACCEPT [3279:408077]
:POSTROUTING ACCEPT [6:398]
:OUTPUT ACCEPT [84:5817]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 23 -j DNAT --to-destination
10.120.81.139
-A POSTROUTING -o eth0 -j SNAT --to-source 89.190.194.54
COMMIT
# Completed on Thu Jan 25 20:18:56 2007
# Generated by iptables-save v1.3.5 on Thu Jan 25 20:18:56 2007
*filter
:INPUT ACCEPT [566:48344]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1021:172479]
-A INPUT -s 10.120.81.139 -i eth1 -p tcp -j ACCEPT
-A INPUT -i eth0 -p tcp -j ACCEPT
-A FORWARD -d 89.190.194.54 -i eth0 -p tcp -m tcp --dport 23 -j ACCEPT

What is this rule used for?

COMMIT
# Completed on Thu Jan 25 20:18:56 2007

==================================================================
But still I can not telnet my PC2 from ouside netwok
Can somone tell me what should I try/monitor/sniff so I figure out the
problem.

Well if you are looking to learn then first sniff PC2 and see if any
traffic is getting to it

Then Sniff the inside interface of PC! to see if the traffic is getting to
that interface and how it is configured.

Note that I am new to linux so probably I am missing something simple

Might be can you surf the web from PC2?
Is forwarding turned on?

--

Regards
Robert

Smile... it increases your face value!

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
.

References:
- Problem with NAT
  - From: dpenev

Prev by Date: Re: iptables port forwarding fails when adding third NIC (r8169) Kernel: 2.6.17-1.2174_fC5
Next by Date: How to troubleshoot "Failed to get local socket name :"???
Previous by thread: Problem with NAT
Next by thread: Re: network monitoring and pf_ring?
Index(es):
- Date
- Thread

Relevant Pages

Re: takes a long time to logon...
... The configuration from your netwrok interface card, where you have set the ip address form your workstation. ... "Meinolf Weber" wrote: ... pc2 has xp sp2 on it joined to pc1 domain. ...
(microsoft.public.win2000.general)
Re: Sygate Personal Firewall PRO and my Lan security
... "Thomas Hertel" ha scritto nel messaggio ... > apply rule2 to the external interface only and then reject any ... - 1st Rule applied on the Ethernet network interface: ... Ports status change when PC2 is connected remains:o(... ...
(comp.security.firewalls)
RE: NEED HELP WITH WIRELESS plz
... What Wireless products are you using. ... What wireless product do you have on PC2? ... When you give all you configuration information, then folks have some idea as to how it should be set up and can advise properly. ...
(microsoft.public.windowsxp.network_web)