Re: NAT Question



On Wednesday 20 November 2002 10:59, sgaerner@gmx.net wrote:
> I'm using a DSL line for connecting to the internet and I'm trying to
> run a jabber server.
> The problem I have is that the jabber server stores each account with
> a FQDN. Because I want to use my account from the internet and from
> my LAN, I want to connect from my LAN to my external IP that is
> shared via dynamic DNS.
>
> The jabber server runs on a machine behind the firewall and the port
> is forwarded with destination NAT (DNAT).
> [...]
> If someone has a hint or a solution which firewall rules to add or
> delete to connect to my external assigned IP from my LAN, please send
> me an email.

Normally, you should just have to use the DNS name you're using from 
within the LAN. Your box then looks up the name, gets the assigned 
dynamic IP, connects to your gateway server and is forwarded to your 
jabber server.

A problem might arise if you're specifying the DNAT based on the device 
on which packets are received, so you might want to make sure that the 
DNAT rule catches traffic from within your LAN as well. Something like

    iptables -t nat -I PREROUTING -p <protocol> -s <yournetspec> \
        --dport <jabberport> -j DNAT --to <jabberserver>:<jabberport>

should do the trick. Also make sure you don't block jabber traffic 
coming from inside your net.

-- 
Embedded Linux -- True multitasking!
TWO TOASTS AT THE SAME TIME!
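
The rule set discussed in the reply above, written out as an added example that is not part of the original message. It assumes the jabber server sits in the same LAN as the clients (so replies must be source-NATed back through the gateway) and that the current external IP is known; hairpin_rules is a hypothetical helper and all addresses are constructed sample values.

```shell
#!/bin/sh
# Added example: prints (does not apply) the iptables rules needed to reach a
# DNAT-forwarded server via the external IP from inside the LAN.
# hairpin_rules is a hypothetical helper; addresses below are sample values.

# usage: hairpin_rules <tcp|udp> <lan-cidr> <external-ip> <server-ip> <port>
hairpin_rules() {
    [ "$#" -eq 5 ] || { echo "usage: hairpin_rules proto lan ext server port" >&2; return 2; }
    proto=$1; lan=$2; ext=$3; server=$4; port=$5

    case $proto in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    # 1. DNAT for LAN clients that address the external IP. Matching on -d
    #    keeps the rule from redirecting LAN connections to other hosts
    #    that happen to use the same port.
    echo "iptables -t nat -I PREROUTING -p $proto -s $lan -d $ext --dport $port -j DNAT --to-destination $server:$port"

    # 2. Rewrite the source to the gateway's LAN address. Without this the
    #    server answers the client directly and the client drops the reply,
    #    because it comes from the server's IP instead of the external IP.
    echo "iptables -t nat -A POSTROUTING -p $proto -s $lan -d $server --dport $port -j MASQUERADE"

    # 3. Allow the forwarded LAN traffic through the filter table.
    echo "iptables -I FORWARD -p $proto -s $lan -d $server --dport $port -j ACCEPT"
}

# Sample run: LAN 192.168.1.0/24, external IP 203.0.113.5 (documentation
# range), server 192.168.1.10, jabber client port 5222.
hairpin_rules tcp 192.168.1.0/24 203.0.113.5 192.168.1.10 5222
```

With a dynamic external address the -d match has to be refreshed whenever the address changes, for example from the same hook that updates the dynamic DNS entry.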


