[Ferm] NAT network not able to reach outside IP of NAT server.

Eivind Aksland eaksland at hotmail.com
Wed Mar 16 23:10:39 CET 2011


Hello
 
I have a firewall running ferm 2.0.6-1 on Linux 2.6.32-29-generic-pae #58-Ubuntu SMP.

I have one public interface towards ISP with a static IP and two private interfaces.
Both private interfaces are NAT'ed. 

I have a server on NAT IP 172.27.1.122 with an SSL webserver that listens on port 443. 
I want this to be accessible to the outside world, so I add these lines to my ferm.conf:
 
# port 443 for the Exchange website
table nat chain PREROUTING interface $public_if proto tcp DNAT to 172.27.1.122 dport 443;
 
interface ($public_if) proto tcp dport 443 ACCEPT;

In my DNS I have set up https://test.foo.no/ to the IP of my public interface.
 
This makes my server accessible from the internet. But if I try to reach my server from one of my NAT'ed interfaces I don't get any response via https://test.foo.no. 
 
Attached is my ferm.conf.
 
Why can't I reach my server from my NAT'ed networks?
 
  		 	   		  
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ferm.conf
URL: <http://foo-projects.org/pipermail/ferm/attachments/20110316/07d6b7e9/attachment.ksh>
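
Added example, not part of the original post or of the poster's ferm.conf: the DNAT rule in the message matches only packets arriving on $public_if, so connections from the private networks to the public IP are never translated. A ferm sketch of the usual hairpin-NAT arrangement follows; the interface names, the documentation address 203.0.113.10 standing in for the public IP, and the /24 prefix of the server subnet are assumptions.

```ferm
# Assumed values, not taken from the poster's ferm.conf.
@def $public_if   = eth0;
@def $private_ifs = (eth1 eth2);
@def $public_ip   = 203.0.113.10;     # placeholder for the static public IP
@def $server      = 172.27.1.122;     # from the post
@def $server_net  = 172.27.1.0/24;    # assumed prefix length

table nat {
    chain PREROUTING {
        # Rule from the post, written with the match before the target:
        # covers clients coming in from the Internet only.
        interface $public_if proto tcp dport 443 DNAT to $server;

        # Internal clients that resolve test.foo.no to the public IP
        # arrive on a private interface, so they need their own DNAT rule.
        interface $private_ifs daddr $public_ip proto tcp dport 443
            DNAT to $server;
    }
    chain POSTROUTING {
        # Clients in the server's own subnet: without source translation
        # the server answers them directly, bypassing the firewall, and
        # the client drops the reply because it comes from 172.27.1.122
        # instead of the public IP. Side effect: the server logs the
        # firewall's address for these clients, not the real client IP.
        saddr $server_net daddr $server proto tcp dport 443 MASQUERADE;
    }
}

table filter chain FORWARD {
    # Only needed if the existing FORWARD rules do not already allow
    # traffic between the private networks and the server.
    interface $private_ifs daddr $server proto tcp dport 443 ACCEPT;
}
```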

