[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Validating NT thought a natting firewall

his is not a strictly debian problem, but i hope someone could help me: I
have two NT4 server (PDC and BDC) on a subnet a.b.c.0/24 . I have a 
number of win2000 with some NT4, XP clients and some win2k and 
samba servers. All are happy whitin the subnet. For local policy i have 
four  in an area that have some security concern so these are behind a 
linux (sarge with 2.4.25) gateway acting as a natting firewall. So this 
firewall is set that every host "inside the area" get a number by dhcp in to Only four machines (one NT4 and 
three win2k) have fixed address to .197 . on the gateway 
there is an iptables as: 
-A PREROUTING -s a.b.c.0/ -d a.b.c.194 -j DNAT --to- 
destination -A POSTROUTING -s -j SNAT --to-
source a.b.c.194

I have added to the domain the four administrators` hosts [by just 
plugghing diretly to main network with a temporary number) 
This way for that 4 machines all ports are open.
All service run smoothly except that if I try from one of such machines to
login as a non local user or try to add permission for an user on the
server the machines invariantly say that thy cannot access main server. i
have also added in lmhosts the address of the PDC and BDC with #PRE
#DOMLMYDOMAIN but no success. It seem that thse machines cannot 
to the server throught the natting firewall (that incidentally, does not
firewall anything for those 4 address, jst shift the addresses both way !)
Can you help me ???? --

Leonardo Boselli
Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile
Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze
tel +39 0554796431 cell +39 3488605348 fax +39 055495333

Reply to: