Figured it out. Client gave me the wrong subnet mask or something. It ends
up that the virtual interface in question is configured with the broadcast
address. It works for a while, and then I guess it disables itself.
Funny, that his NetScreen firewall was working with the configuration?
"Marv" <(E-Mail Removed)> wrote in message
news:Pt40c.52599$(E-Mail Removed). com...
> I'm using RedHat 9.0 and have set up iptables as a firewall/nat. On this
> particular server, there are two virtual interfaces in addition to the main
> WAN IP. On one of the IPs, I'm forwarding port 80 to an internal address.
> I'm having a very strange symptom. It will work for a little while and then
> when you try to hit this IIS 5.0 website (which uses NTLM authentication),
> it fails...you just get the white screen in your browser. If I issue an
> 'ifdown eth0:2' and then 'ifup eth0:2', the website starts working again for
> a while but eventually it happens again.
>
> Here is the setting for the virtual interface:
>
> DEVICE=eth0:2
> BOOTPROTO=static
> IPADDR=63.xx.xx.xx
> NETMASK=255.255.255.252
> ONBOOT=yes
>
> Here is part of the iptables script:
>
> iptables -A PREROUTING -t nat -p tcp -d $ext_if2 --dport 80 -j DNAT --to 192.168.168.117:80
>
> The funny thing is that I'm also forwarding port 23 via a different virtual
> interface to a different internal server, and it never seems to fail.
>
> Does anybody have any suggestions for this issue?
>
> Thanks,
> Marv
>
>
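
The misconfiguration reported at the top of this thread (a virtual interface whose IPADDR is the broadcast address of its own subnet) can be caught before the interface is brought up. The following is an added example, not part of the original posts; the function names and the 192.0.2.x sample addresses are constructed for illustration, since the real address is masked in the thread.

```python
import ipaddress

# Constructed ifcfg-style sample: same layout as the file quoted in the
# thread, but with a documentation-range address (192.0.2.0/24).
SAMPLE_BAD = """DEVICE=eth0:2
BOOTPROTO=static
IPADDR=192.0.2.7
NETMASK=255.255.255.252
ONBOOT=yes
"""

def parse_ifcfg(text):
    """Parse KEY=value lines of an ifcfg-style file into a dict."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        cfg[key.strip()] = value.strip().strip("\"'")
    return cfg

def classify_address(ipaddr, netmask):
    """Return 'network', 'broadcast' or 'host' for ipaddr within its subnet."""
    iface = ipaddress.IPv4Interface(f"{ipaddr}/{netmask}")
    net = iface.network
    # /31 (point-to-point, RFC 3021) and /32 subnets have no reserved
    # network or broadcast address, so every address in them is usable.
    if net.prefixlen >= 31:
        return "host"
    if iface.ip == net.network_address:
        return "network"
    if iface.ip == net.broadcast_address:
        return "broadcast"
    return "host"

def check_ifcfg(text):
    """Return (device, classification) for one ifcfg-style file body."""
    cfg = parse_ifcfg(text)
    kind = classify_address(cfg["IPADDR"], cfg["NETMASK"])
    return cfg.get("DEVICE", "?"), kind

if __name__ == "__main__":
    device, kind = check_ifcfg(SAMPLE_BAD)
    if kind != "host":
        print(f"{device}: IPADDR is the {kind} address of its subnet")
```

With a 255.255.255.252 mask only two of the four addresses in each block are usable hosts, so a one-digit error in the address handed over by a client lands on the network or broadcast address.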