DNAT won't work
I am new to this so this is probly something really simple. I just want to forward a port coming in to an external address to an internal address on a certain port. The external address is an unused public address. Right now the firewall is configured with a default FORWARD policy of accept. I am using this syntax
iptables -t nat -A PREROUTING -p tcp -i eth0 -d $EXT_IP --dport 80 -j DNAT --to-destination $INT_IP:80
Everything shows up correct when looking at the nat table, but if I ping the external address I get destination host unreachable. However if I assign the external address I am using to the firewall as ex. eth0:1 then it port forwards to the internal address. How do I make this work without assigning the public ip to the firewall? I hope this makes sense.
Any help is appreciated
|