We have a public class C address range that we have been using for many years.

We have now run out of available addresses, and want to extend the network using NAT on iptables. (We have also tried the NAT server on Windows 2003 Server, with the same problems.)

I have tried setting up the rules as follows:

eth0 =
eth1 =

Flush all rules
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

All seems to work OK (web browsing, e-mail, etc.) but we keep getting disconnects from our file server. The mapped drive goes offline. If you synchronise it will be OK and then go offline again. Sometimes this lasts a while; other times it goes straight back offline again.

The PCs on the public IPs are OK.

It gets worse the more people we have going through the NAT box.

Is there any reason that what we are trying to do won't work? Any suggestions?