If I have a Shorewall gateway doing NAT to the Internet for an RFC-1918 LAN behind it, should I be able to communicate to services that are on the LAN through the gateway's external IP address from hosts on the same LAN assuming there is DNAT policy successfully allowing external hosts to communicate with with internal services?
To explain, if I have a web server on the LAN that has a DNAT rule in Shorewall allowing hosts on the Internet-side to reach it via Shorewall's external IP, should hosts on the LAN be able to reach it by the same Shorewall external IP? If the answer is yes for a simple[r] service above like HTTP, should it work equally well for SIP? If I have a SIP server on the LAN and when the SIP server is INVITEing a SIP client on the LAN with an SDP payload specifying the external IP for the media session, should the client on the LAN be able to contact the SIP server on the Shorewall external IP and port specified in the SDP and get that media session routed back into the SIP server successfully? For the above, it is safe to assume that SIP NAT traversal is working successfully for hosts that are fully on the Internet-side of the Shorewall gateway and media sessions get set up so that there is fully functioning two-way audio. Cheers, b.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
