shorewall-lite version 4.4.6
Debian Lenny - 2.6.26-2-686
have a large network of public IPS ( 22.214.171.124/25 )
I have broken this up into
several smaller subnets. I have a few servers that I want to NAT
translate from my gateway server to a public IP on VLAN350. which is
subnet 126.96.36.199 / 27.
My gateway server has the following interfaces
eth1 - 172.16.1.0 /24
vlan350 - 188.8.131.52 /27
have this entry in the nat configuration file:
INTERFACE INTERNAL ALL LOCAL
184.108.40.206 vlan350 172.16.1.23 no no
#LAST LINE -- ADD
YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
but when the host
172.16.1.23 pings the internet, the IP is masquerarded as 220.127.116.11, not
From the gateway, I can do the following
ping www.google.com -I
and I do get replies, and tcpdump on the gateway
verifies that the IP being used is correct, so I know the routes are in
Any suggestions as to what I might be doing wrong?
The dump file is over 50k even after sending.