Full Version: Iptables And Forwarding
I have been reading Google-searched articles all morning, but nothing.

What I am trying to do:

Access an internal machine on my network that is being NAT'd by a cable/DSL router. I want to access an internal Windows machine on port 3389.

Linksys cable/DSL router that has a DMZ set up to allow all traffic to my Linux box running Fedora 2. The Linux box is running iptables. The Linux box does not have a public IP.

I tried setting up prerouting and postrouting with masquerade, but I can't access my Windows machine. I just want it to forward/route all port 3389 traffic.

Try this... (if udp, substitute for tcp)

iptables -A FORWARD -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to x.x.x.x

eth0 = interface connected to DSL/cable router
x.x.x.x = internal Windows machine IP address

Depending on the application, you may need some type of STATE tracking.

I have tried that, but it did not work. I am wondering if there is a problem going through a double NAT. Once at the DSL router, and then again at the Linux box.

Sorry for the double post, I couldn't figure out how to delete it.

Actually, using the syntax:

./iptables -A FORWARD -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to

results in "invalid argument".

If your setup is that the router has both the Linux and Windows machines connected to it, you need to use the router to forward port 3389 to the Windows machine ... not the Linux machine.

Just go to the port forwarding section of the router and forward 3389 to the Windows machine.
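
Added example, not part of the original thread: the DNAT target is only valid in the nat table, which is why the FORWARD rule quoted above is rejected. This sketch prints, without applying, a rule set that does the forward from the Linux box, including the MASQUERADE rule needed when the Windows machine sits on the same LAN and would otherwise reply straight to the router. The function names, the optional trusted-source argument and any interface or address you pass in are assumptions for illustration.

```shell
#!/bin/sh
# Added example: prints (does not apply) rules that forward TCP 3389 through
# the Linux box. Interface and addresses are whatever the caller passes in.

valid_ipv4() {
    # Accept only dotted quads with every octet in 0..255.
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

rdp_forward_rules() {
    # usage: rdp_forward_rules IN_IF TARGET_IP [TRUSTED_SRC_IP]
    in_if=$1 target=$2 src=${3:-}
    case "$in_if" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $in_if" >&2; return 1 ;;
    esac
    valid_ipv4 "$target" || { echo "bad target: $target" >&2; return 1; }
    if [ -n "$src" ]; then
        valid_ipv4 "$src" || { echo "bad source: $src" >&2; return 1; }
    fi
    # The kernel must be allowed to route packets between hosts.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # DNAT is only valid in the nat table (PREROUTING/OUTPUT), not in FORWARD.
    echo "iptables -t nat -A PREROUTING -i $in_if -p tcp${src:+ -s $src} --dport 3389 -j DNAT --to-destination $target:3389"
    # The filter table must still let the rewritten connection through.
    echo "iptables -A FORWARD -p tcp -d $target --dport 3389 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -p tcp -s $target --sport 3389 -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Source-NAT so replies return via this box instead of going straight to the router.
    echo "iptables -t nat -A POSTROUTING -p tcp -d $target --dport 3389 -j MASQUERADE"
}

# Dry run when called with arguments, e.g.: sh rdp-forward.sh eth0 192.168.1.50
if [ "$#" -ge 2 ]; then
    rdp_forward_rules "$@"
fi
```

Because of the MASQUERADE rule the Windows machine sees every session as coming from the Linux box, so any restriction on who may connect has to be made in the PREROUTING rule (the optional third argument).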