Im having issues with something very simple here. all network traffic is masqueraded. However some clients need external ips. I have done this this scr and dst nat rules. i can ping and access my pc externaly.
now for the strange bit. Some services dont work like echolink. the only way i can get them to work is by disabeling the masquerade rule, then they work 100% but ofcorse all other non external ip’s have no connectitivity!!!
Any ideas why the masquerade rule will interfier or what i can use as an alternative to the masquerade rule.
Thanks for the help, i aranged as you recomended and ensured masquerade rule is last on the list, still the same.
How would you exclude real ip users from the masquerade? Infact i have done this with one client by adding an ! next to his ip in the masquerade rule, this then works for his ip, but you can only add one ip rule like this.
But i think thats on the right track, any further sudgestion to exclude the ip’s from the masquerade?
I recived a call this morning saying there is no internet to clients… after checking the masquerade rule i had left an ip in the wrong place, rendering the masquerade rule useless, but i still had connectivity as i have nated ip.
After checking recomended settings, certain services will not work with masquerade enabled to the natted ip’s, but perfect with it dissabled.