Hi All!

I have a Linksys WAP11 behind a high speed connection.

Currently doing simple NAT with:

iptables -t nat -A POSTROUTING -o $extdev -j MASQUERADE

(other rules to accept certain protocols for ssh, webmin, etc)

and then:

iptables -A INPUT -i $extdev -m state --state NEW,INVALID -j DROP
iptables -A FORWARD -i $extdev -m state --state NEW,INVALID -j DROP

as a simple block to unwanted traffic on an already protected ext. network

Here's the scenario:

INT (eth0) IP Range ( 192.168.168.1 class C )

EXT (eth1) IP Range also private ( 10.20.0.3 class B )

EXT (eth1:1) Virtual IP is 10.20.0.4

I want to map everything from Virt IP (Eth1:1) 10.20.0.4 (all ports) to internal 192.168.168.178 (the Linksys WAP 11). FYI this is for remote management of my access point.

Where in the world do I start? All help is appreciated in advance.

Here was my first attempt, which did not work. I explicitly allow all traffic in/out/fwd for 10.20.0.4 to make sure I wasn't kicking myself here. Still no go. Suggestions?

""iptables -A PREROUTING -t nat -d 10.20.0.4 -j DNAT --to 192.168.168.178""

-Ryan Beisner

ryanb -at-nosp@m- thedataarc () com