NAT configuration

Posted on 2003-03-20
Medium Priority
Last Modified: 2010-03-18

We are a basic isp. One of our clients connects thru our server to the internet.  We run Linux Redhat 7.2.  They can browse and receive email, but they use our IP address.  Their ip address is and our address is  Which means that they can't ftp or ping other ip's besides ours.  How do I configure NAT to change there ip address to which is within our ip range.  So when they dial to our server there ip gets changed from to
Question by:Illegaldragster
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 8178987
Is your RH 7.2 system acting as a router?  If it's passing all the packets, then you can NAT their packets by adding this:

iptables -A POSTROUTING -t nat -s -j SNAT --to
iptables -A PREROUTING -t nat -d -j DNAT --to

The first rule takes care of all their outbound packets.  The second rule allows other people on the internet to connect to them.

Author Comment

ID: 8193351
Thank you for your answer.
But if I now ping the host is unreachable. Is there anything else I need to change on my server to let that address be seen.  Is the no ip I need to change on the network card or something.

Author Comment

ID: 8216465
TheAmigo the solution never worked. Anybody else got some ideas.
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.


Accepted Solution

_HAL_ earned 225 total points
ID: 8217899
Try to activate IP_FORWARDING on kernel.

Type: echo "1" > /proc/sys/net/ipv4/ip_forward

And add the following rule:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

(Replace eth0 by your "external interface")

Ping now from any host from to

Expert Comment

ID: 9077624
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
Post your closing recommendations!  No comment means you don't care.

Author Comment

ID: 9086603
These comments did help in a way ,but I had to try a few other things aswell.  Thank you to everyone that contributed.

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question