iptables
Dmitry Shvedchenko, 2015-05-08 13:38:30

How to forward IPsec traffic to another subnet?

Greetings, dear community. There are three network cards on the server:
red0 - external
orange0 - dmz
green0 - local
IPsec is built through the external card on dmz. Everything works well, then with the rules I forward packets from local to ipsec:

iptables -t nat -I POSTROUTING -d 192.168.80.0/24 -j SNAT --to-source 172.16.10.254
iptables -I FORWARD -s 192.168.80.98 -j ACCEPT
iptables -I FORWARD -d 192.168.80.98 -j ACCEPT

Everything that goes from LAN to ipsec passes remarkably. Now there is a need to allow mongo synchronization from ipsec to local. But I can't write the necessary rules. Please help.
Need to use PREROUTING?
Thank you very much in advance!

1 answer(s)
Dmitry Shvedchenko, 2015-05-14
@kbu

The rule solved the problem:

iptables -t nat -A PREROUTING -p tcp -d 172.16.10.254 --dport 27017 -j DNAT --to-destination 192.168.5.237:27017
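
The DNAT rule above has no source match, so it translates connections to 172.16.10.254:27017 from any host that can reach that address. As an added example (not part of the original post), the script below prints a variant limited to traffic that arrived through the IPsec tunnel, together with matching FORWARD rules. It assumes kernel policy-based IPsec (so `-m policy` matches) and that the remote side is 192.168.80.0/24, as the question's SNAT rule suggests.

```shell
#!/bin/sh
# Added example: source-restricted variant of the DNAT rule from the answer.
REMOTE_NET="192.168.80.0/24"  # ASSUMPTION: IPsec-side subnet, taken from the question's SNAT rule
VIP="172.16.10.254"           # address the remote side connects to (from the thread)
MONGO_HOST="192.168.5.237"    # local MongoDB host (from the answer)
MONGO_PORT="27017"

# Shape checks only, so a typo cannot become an unintended iptables argument.
valid_addr() { printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; }
valid_net() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# Print the rule set, one iptables command per line; return 1 on bad input.
mongo_dnat_rules() {
    src=$1; vip=$2; host=$3; port=$4
    valid_net "$src" || { echo "bad source net: $src" >&2; return 1; }
    valid_addr "$vip" || { echo "bad address: $vip" >&2; return 1; }
    valid_addr "$host" || { echo "bad address: $host" >&2; return 1; }
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    # Match only packets that were decapsulated from an IPsec SA.
    ipsec_in="-m policy --dir in --pol ipsec"
    # 1. Translate tunnel traffic from the remote subnet, nothing else.
    echo "iptables -t nat -A PREROUTING -s $src -d $vip -p tcp --dport $port $ipsec_in -j DNAT --to-destination $host:$port"
    # 2. Forward the translated connection to the MongoDB host.
    echo "iptables -I FORWARD -s $src -d $host -p tcp --dport $port $ipsec_in -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
    # 3. Allow only replies of those connections back toward the tunnel.
    echo "iptables -I FORWARD -s $host -d $src -p tcp --sport $port -m conntrack --ctstate ESTABLISHED -j ACCEPT"
}

# Dry run: print the commands for review.
mongo_dnat_rules "$REMOTE_NET" "$VIP" "$MONGO_HOST" "$MONGO_PORT"
```

The script only prints the commands; after review they are run as root. The restriction takes effect only once the original unrestricted PREROUTING rule has been deleted (same rule specification with `-D` instead of `-A`).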
