Author Topic: Unable to access published hosts from internal network  (Read 2429 times)

ejortegau

Unable to access published hosts from internal network
« on: November 14, 2009, 10:03:50 pm »
Hi:

I have the setup shown in http://imagebin.ca/view/L7Qut2Xn.html . eBox
has Firewall, DNS, transparent proxy and mail services. Server with IP
address 10.10.1.13 hosts a website that needs to be publicly
available. eBox DNS has a corresponding hostname, say www.example.com,
that resolves to the IP of interface eth0 - Web, and a corresponding
Port redirection rule forwarding everything directed to eBox TCP port
80 on interface eth0 - Web to 10.10.1.13 port 80. This works without
issues.

Now, the problem arises when a machine from the internal network, say
10.10.1.220, needs to access the website at www.example.com. When the
address is entered in the browser, I get a connection refused error. I
also defined a redirection rule saying that anything coming from
interface eth1 - Interna to eBox TCP port 80 should be redirected to
10.10.1.13. See http://imagebin.ca/view/BrO81knn.html
But the redirection does not work.



Any hints?

Thanks.


Updated:
I think that what is happening is the following: the host sends an HTTP request to the public IP, and it is intercepted by the transparent proxy. Squid attempts to contact TCP port 80 of the public IP on eth0 - Web, but since no Apache runs on port 80 of eBox, it fails. The redirection rule is not being applied because the traffic does not get to port 80 of eth0 from packets coming from eth0, but from packets coming from the same machine (dunno, localhost, perhaps?), so they do not meet the criteria for redirection.
« Last Edit: November 14, 2009, 10:21:23 pm by ejortegau »
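
The packet path suspected in the update above, as an added example that is not part of the original post: a simplified Python model of which netfilter nat chain each packet traverses and which rule it hits first. The public address 203.0.113.10, the outside client 198.51.100.7, Squid's port 3128, the rule order and the `OUTPUT_FIX` rule are assumptions for illustration, not the rules eBox actually generates.

```python
from collections import namedtuple

PUBLIC_IP = "203.0.113.10"   # constructed placeholder for the eth0 - Web address
WEB_SERVER = "10.10.1.13"    # internal web server, from the post
PROXY_PORT = 3128            # assumed Squid interception port

# in_iface=None on a packet means "generated on the firewall itself".
Packet = namedtuple("Packet", "src dst dport in_iface")
# in_iface/dst=None on a rule means "match any".
Rule = namedtuple("Rule", "chain in_iface dst dport action to")

# Assumed rule set and order (not eBox's real output): proxy interception
# for LAN web traffic, then the two port redirections described in the post.
RULES = [
    Rule("PREROUTING", "eth1", None, 80, "REDIRECT", f"local:{PROXY_PORT}"),
    Rule("PREROUTING", "eth0", PUBLIC_IP, 80, "DNAT", f"{WEB_SERVER}:80"),
    Rule("PREROUTING", "eth1", PUBLIC_IP, 80, "DNAT", f"{WEB_SERVER}:80"),
]
# Hypothetical extra rule: only the nat OUTPUT chain sees locally generated traffic.
OUTPUT_FIX = Rule("OUTPUT", None, PUBLIC_IP, 80, "DNAT", f"{WEB_SERVER}:80")

def nat_verdict(pkt, rules=RULES):
    """Return the first matching NAT action in the chain the packet traverses."""
    # Packets arriving on an interface traverse PREROUTING; packets created
    # by a local process (such as the proxy) traverse OUTPUT instead.
    chain = "OUTPUT" if pkt.in_iface is None else "PREROUTING"
    for r in rules:
        if r.chain != chain or r.dport != pkt.dport:
            continue
        if r.in_iface is not None and r.in_iface != pkt.in_iface:
            continue
        if r.dst is not None and r.dst != pkt.dst:
            continue
        return f"{r.action} -> {r.to}"
    return f"no NAT, delivered to {pkt.dst}:{pkt.dport}"

# Constructed sample packets.
internet = Packet("198.51.100.7", PUBLIC_IP, 80, "eth0")
lan = Packet("10.10.1.220", PUBLIC_IP, 80, "eth1")
from_proxy = Packet(PUBLIC_IP, PUBLIC_IP, 80, None)  # Squid's own request

if __name__ == "__main__":
    for name, pkt in [("internet", internet), ("lan", lan), ("proxy", from_proxy)]:
        print(f"{name:8} {nat_verdict(pkt)}")
    print("proxy + OUTPUT rule:", nat_verdict(from_proxy, RULES + [OUTPUT_FIX]))
```

In this model the LAN client's request is caught by the proxy rule before the eth1 redirection is evaluated, and the proxy's own request matches no PREROUTING rule, so it lands on the firewall's port 80 where nothing listens.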