Having a small issue setting up a Vyatta.
The company internet and two different websites are both on the same IP.
Server 1 - Has websites hosted on ports 1000 and 3000 and also has a proxy server installed to provide internet connection to the domain
Server 2 - Has a website hosted on ports 80 and 433
The Vyatta is correctly natting the appropriate traffic to each server, and allowing the proxy to get internet traffic; however, I have a problem getting to the websites hosted on these two servers inside the domain.
I believe the problem is that the HTTP request is being sent with an IP, e.g. 12.34.56.78. The request will reach the website and the server will attempt to send the request back to the IP; however, this is the IP of the Vyatta, so it has nowhere else to go.
I thought the solution would be something like this:
    rule 50 {
        destination {
            address 12.34.56.78
            port 1000
        }
        inbound-interface eth1
        inside-address {
            address 10.19.2.3
        }
        protocol tcp
        type destination
    }
But this doesn't seem to do it!
UPDATE
I changed the rules to the following:
    rule 50 {
        destination {
            address 12.34.56.78
            port 443
        }
        outbound-interface eth1
        protocol tcp
        source {
            address 10.19.2.3
        }
        type masquerade
    }
    rule 51 {
        destination {
            address 12.34.56.78
            port 443
        }
        inbound-interface eth1
        inside-address {
            address 10.19.2.2
        }
        protocol tcp
        type destination
    }
I am now seeing traffic going between the two with Wireshark, but the website will still fail to load.
What I needed was a hairpin NAT, which is quite well documented around.
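
A hairpin NAT pair for the port 443 case above, as an added example that is not part of the original post. Source NAT is applied after destination NAT, so the masquerade rule has to match the server's inside address (10.19.2.2) rather than the public address, and its source has to be the internal clients. It assumes eth1 is the LAN-facing interface (as in the rules above) and that the LAN is 10.19.2.0/24, which the post does not state.

```vyatta
service {
    nat {
        /* Hairpin step 1: LAN clients that target the public IP are redirected to the inside server */
        rule 50 {
            destination {
                address 12.34.56.78
                port 443
            }
            inbound-interface eth1
            inside-address {
                address 10.19.2.2
            }
            protocol tcp
            type destination
        }
        /* Hairpin step 2: rewrite the client source to the router's eth1 address so the server replies via the router. 10.19.2.0/24 is an assumed LAN subnet. */
        rule 51 {
            destination {
                address 10.19.2.2
                port 443
            }
            outbound-interface eth1
            protocol tcp
            source {
                address 10.19.2.0/24
            }
            type masquerade
        }
    }
}
```

With this pair in place the web server's access logs show the router's LAN address as the source of every internal request, so per-client attribution for internal traffic has to come from the router or the proxy instead.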