On Thu, 12 Jul 2007 14:48:37 +0200, Ansgar -59cobalt- Wiechers wrote: > Then do NAT for that interface. To repeat myself: you don't > need NAT for connections between your two private networks. > Stop using NAT there, and your problem is solved. Maybe I don't understand this, but if I don't use NAT there from the internet I can't connect to the webserver. With this rule commented: iptables -t nat -A PREROUTING -i ! $DMZIF -p tcp --dport 80 -j DNAT --to 192.168.10.2 everything works from LAN, but not from internet. Firewall has a public IP address and it's accepting connections from internet and LAN. -- mandi, Marco
Attachment:
pgpDe__Vlj1GJ.pgp
Description: PGP signature