Reply To: How to tell if VLAN is not NAT’d

Home Page Forums Network Management Networking How to tell if VLAN is not NAT’d Reply To: How to tell if VLAN is not NAT’d

#49645

wifiguy
Member

Alright, here is the output from the iptables -t nat -L -v command.

root@fw root> iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 9173 packets, 1528K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 40 packets, 3240 bytes)
pkts bytes target prot opt in out source destination
4134 311K SNATVS all — any any anywhere anywhere
4098 308K MASQUERADE all — any ETH00 anywhere anywhere

Chain OUTPUT (policy ACCEPT 3949 packets, 300K bytes)
pkts bytes target prot opt in out source destination

Chain SNATVS (1 references)
pkts bytes target prot opt in out source destination

*****Edit*****
Here are our pre-boot iptable commands. Just so you have them also. The below commands should not include vlan74 to be NAT’d correct?

iptables -t nat -I POSTROUTING 1 –src 172.30.0.0/16 -o eth1.20 -j MASQUERADE
iptables -t nat -I POSTROUTING 1 –src 192.168.1.0/24 -o eth1.30 -j MASQUERADE
iptables -t nat -I POSTROUTING 1 –src 152.93.0.0/16 -o eth1.70 -j MASQUERADE