[prev in list] [next in list] [prev in thread] [next in thread]
List: gauntlet-user
Subject: Re: Additional IPs and NAT on External NIC
From: "Steve Loughran" <stevelg () scee ! sony ! co ! uk>
Date: 1999-08-31 14:03:23
[Download RAW message or body]
> If you are using one to one NAT, i.e. static, you must enable the arp for
> the global IPs on the external NIC. For example, your external IP is
> 10.10.1.1 while your DMZ host IP is 192.8.8.1 is to be NAT to 10.8.8.1,
you
> must enable the arp by issuing the command "arp -s 10.8.8.1 <MAC of
external
> NIC> pub I might have gotten the sequence wrong. It could be IP after
the
> MAC.
OK, I (well, actually a mate of mine) finally got the additional IPs bound
to the exernal NIC (using an interface alias) but now I have another
problem. one of the hosts on the DMZ is an ftp server. one of the external
IPs maps to this DMZ IP via NAT. I can connect with ftp to the DMZ ftp
server and log on but the firewall seems to be blocking the 20/tcp ftp-data
traffic coming back out from the DMZ hosts to the external world via the NAT
rules (connection to/from the internal network with no NAT works fine)
For example, if I log in and type `dir`, the internal hosts get the usual
traffic back, but the external hosts stop doing anything once the ftp-data
part of the transfer starts. Any ideas?
--
Steve
-------------------------------------------------
Steve Loughran, SGI/PC IT Manager
Sony Computer Entertainment Europe (Cambridge)
http://camsg001.millennium.co.uk/index.htm
Yamaha YZF1000R Thunderace
Team Waste - Where do you want to go wrong today?
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic