> Never ever had netfilter NAT fail on me.
>
> But if your intercepting router is running in "lollipop" mode (just one
> interface, next hop router on same interface as client station) then you
> may need disabling ICMP redirects.
I have 2 interfaces on that router, it is setup as follows:
[Customers]---DS3[Cisco 7206]Fa2/0------|
----------------------------------------------------------
|------eth1[BOX 'mainbr' is bridge iface with ip]eth0----|
----------------------------------------------------------
|------[Switched network including link to internet]
Relatively simple setup. Sorry if that is difficult to understand.
Jon
-- Jon Newman (jnewman@oplink.net) Systems Administrator/Software Engineer The Optimal Link (http://www.oplink.net)Received on Wed Apr 13 2005 - 08:31:31 MDT
This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:03 MDT