Hi,

I have set up this little network at home, using ip-addresses 192.168.6.*, at work I'm using an internal network with 192.168.104.*.
Both networks are connected to the internet using ipchains/masquerading. I have set up the portforwarding for my webserver at home, so I made the following addition to my firewall-ruleset:
    /sbin/ipmasqadm -a -P tcp -L $ISP-address 80 -R 192.168.6.67 80

everything works fine for this, I can connect from an internal PC at work to my webserver at home.

I also added the following line to be able access my ftp-server from the outside:
    /sbin/ipmasqadm -a -P tcp -L $realip 21 -R 192.168.6.67 21

This works from any computer directly connected to the internet, but not via a "fake" IP-address which is being masqueraded. So if I try to connect to my server from the firewall at work everything goes fine. However, if I try to connect to the same server from an internal workstation (passive mode) my ftp-client tries to connect to the internal ip-address of the server (local machine at home) and finally gives a time-out on retrieving the directory-listing.

This could have a standard solution, but I did search the corresponding HOWTO's and I'm not very familiar to these configurations, so any help would be appreciated.

Just if you want to know, the firewall at work runs RedHat 6.2 with kernel 2.2.16-3, the firewall at home runs Debian 2.2 with kernel 2.2.17. Both machines are running ipchains 1.3.9.

Thanks in advance,

Tijl Schoonenberg

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]