linux – Problems routing between two interfaces with iptables NAT
I have a Linux server with three NICs:

  • eth0: 1.2.3.4 (public IP)
  • eth1: 5.6.7.8 (public IP)
  • eth2: 10.0.0.1 (internal IP)

I’m trying to have my Linux server act as a router between eth1 and eth2:

Switch -> (eth2) -> Linux Server -> (eth1) -> Internet

I’ve gotten this to work when routing from eth2 to eth0, but not eth2 to eth1. When I try to route between eth2 and eth1, computers connected to the switch can ping the server at 10.0.0.1 but cannot access anything on the internet. These were the commands I tried (which worked when I swapped out eth1 for eth0):

    iptables -A FORWARD -i eth2 -j ACCEPT
    iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

I’m positive that eth1 has internet access because I can ssh into my server through 5.6.7.8, but I cannot seem to ping from it using ping -I eth1 8.8.8.8. I’m not sure if this is relevant to my iptables issue.

Any help would be appreciated, thanks.