Author Topic: Unable to access published hosts from internal network  (Read 2498 times)


« on: November 14, 2009, 10:03:50 pm »

I have the setup shown in . eBox has Firewall, DNS, transparent proxy and mail services. Server with IP address hosts a website that needs to be publicly available. eBox DNS has a corresponding hostname, say, that resolves to the IP of interface eth0 - Web, and a corresponding Port redirection rule forwarding everything directed to eBox TCP port 80 on interface eth0 - Web to port 80. This works without

Now, the problem arises when a machine from the internal network, say, needs to access the website at When the address is entered in the browser, I get a connection refused error. I also defined a redirection rule saying that anything coming from interface eth1 - Interna to eBox TCP port 80 should be redirected to See But the redirection does not work.

Any hints?


I think that what is happening is the following: host sends HTTP request to public IP, it is intercepted by transparent proxy. Squid attempts to contact TCP port 80 of public IP in eth0 - Web but since no Apache runs on port 80 of eBox, it fails. The redirection rule is not being applied because the traffic does not get to port 80 of eth0 from packets coming from eth0, but from packets coming from the same machine (dunno, localhost, perhaps?) so they do not meet the criteria for redirection.
« Last Edit: November 14, 2009, 10:21:23 pm by ejortegau »
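
The packet path hypothesized in the post can be checked against a small model of netfilter's nat hooks, where forwarded and incoming packets traverse PREROUTING while locally generated ones traverse OUTPUT. This is an added example, not part of the original post and not eBox's own code; the addresses, Squid port 3128, the rule order (proxy rule first) and the helpers `nat_verdict` and `explain` are assumptions made for illustration.

```python
# Toy model of the netfilter nat hooks, to test the hypothesis in the post.
# Addresses are constructed (documentation ranges); the rule order is assumed.
from dataclasses import dataclass
from typing import Optional

PUBLIC_IP = "203.0.113.10"   # eBox address on eth0 - Web (constructed)
WEB_SERVER = "192.0.2.20"    # published web server (constructed)
SQUID_PORT = 3128            # assumed transparent proxy port

@dataclass(frozen=True)
class Packet:
    in_iface: Optional[str]  # None means locally generated on eBox itself
    dst: str
    dport: int

# (chain, in_iface, dst to match or None for any, dport, new destination)
RULES = [
    ("PREROUTING", "eth1", None, 80, ("local", SQUID_PORT)),   # transparent proxy
    ("PREROUTING", "eth0", PUBLIC_IP, 80, (WEB_SERVER, 80)),   # public redirection
    ("PREROUTING", "eth1", PUBLIC_IP, 80, (WEB_SERVER, 80)),   # internal redirection
]

def nat_verdict(pkt, rules=RULES):
    """Return the (host, port) a packet is delivered to after the nat table."""
    # Locally generated packets never see PREROUTING, only OUTPUT.
    chain = "OUTPUT" if pkt.in_iface is None else "PREROUTING"
    for r_chain, r_iface, r_dst, r_dport, target in rules:
        if r_chain != chain or r_dport != pkt.dport:
            continue
        if r_iface is not None and r_iface != pkt.in_iface:
            continue
        if r_dst is not None and r_dst != pkt.dst:
            continue
        return target        # first matching rule wins
    # No rule matched: a packet for eBox's own address is delivered locally.
    return ("local", pkt.dport) if pkt.dst == PUBLIC_IP else (pkt.dst, pkt.dport)

def explain():
    """Verdicts for the external client, the internal client and Squid itself."""
    external = nat_verdict(Packet("eth0", PUBLIC_IP, 80))
    internal = nat_verdict(Packet("eth1", PUBLIC_IP, 80))
    squid_out = nat_verdict(Packet(None, PUBLIC_IP, 80))
    return external, internal, squid_out

if __name__ == "__main__":
    labels = ("external client", "internal client", "Squid's own request")
    for label, result in zip(labels, explain()):
        print(f"{label:20} -> {result}")
```

In this model Squid's own request ends up at eBox's local port 80, where the post says no Apache is listening, and the internal redirection rule is only reached when the proxy rule is not evaluated first.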