
linux iprouting tables

Posted: Sun Jan 11, 2009 8:58 am
by ChairmanMao
I wonder if anyone can help.

I run a specialised linux distro on my router, giving me advanced security. It works great apart from one thing.

Although external clients (i.e. not on my home network) can access my webserver and view my website, clients on my home network can't - they just get a connection refused error.

I think it is to do with NAT routing and iptables, but I don't know anything about iptables and routing and am not sure how to fix it.

Is there anyone who knows about iptables and routing and can help out? I have CLI access to the router so can issue the necessary commands needed to diagnose the problems.

Here is my current iptables list:

Chain INPUT (policy DROP)
target prot opt source destination
REMOVED

Posted: Sun Jan 11, 2009 12:32 pm
by M13
Off of the top of my head, I do know what the problem is, I think, but I'm so rusty with this stuff I'll leave a solution to others.

The problem is that your local LAN doesn't go through the router to get to a server ON the local LAN. But since you don't have your own DNS server for your local LAN, your comps on the local LAN resolve the server's IP address as the address of the WAN, or your public IP.

I believe all you have to do is to add an entry to the hosts file.
Like this:
192.168.xxx.xxx www.myserver.com

This file is looked into before looking it up with dns.

The only bad thing about this is you have to do it on every comp in the lan.

I'm sure someone else will come up with a more elegant solution, but alas my networking skills are a mite rusty.
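
Since the hosts entry has to be repeated on every machine, a small checker helps confirm each one actually carries the override. This is an added example, not part of the original posts; the address 192.168.1.10 and the sample file are constructed placeholders, and it assumes the machine consults its hosts file before DNS, as the post describes.

```python
import ipaddress

# RFC 1918 ranges: an override for a LAN web server should point into one of these.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample hosts file; 192.168.1.10 is a placeholder LAN address.
SAMPLE_HOSTS = """\
127.0.0.1     localhost
# web server on the LAN
192.168.1.10  www.myserver.com myserver   # override for LAN clients
"""

def parse_hosts(text):
    """Yield (address, [names]) for every well-formed hosts line."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()    # strip comments
        fields = line.split()
        if len(fields) < 2:
            continue                           # blank, or address without a name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # malformed address, ignore the line
        yield addr, [name.lower() for name in fields[1:]]

def lookup(text, hostname):
    """Return the first address listed for hostname, or None if absent."""
    hostname = hostname.lower().rstrip(".")
    for addr, names in parse_hosts(text):
        if hostname in names:
            return addr
    return None

def check_override(text, hostname):
    """Return 'missing', 'lan' or 'not-lan' for hostname in this hosts file."""
    addr = lookup(text, hostname)
    if addr is None:
        return "missing"       # name falls through to DNS and gets the public IP
    if any(addr in net for net in RFC1918):
        return "lan"           # override points at a private LAN address
    return "not-lan"           # entry exists but does not point into the LAN

if __name__ == "__main__":
    for name in ("www.myserver.com", "mail.myserver.com"):
        print(name, "->", check_override(SAMPLE_HOSTS, name))
```

To audit a real machine, pass the contents of its hosts file (for example `/etc/hosts` on Linux) instead of `SAMPLE_HOSTS`.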

Posted: Sun Jan 11, 2009 2:28 pm
by ChairmanMao
Cheers M13, I will try this out and see what others say...

Posted: Sun Jan 11, 2009 2:41 pm
by ChairmanMao
AWESOME, it worked. Thanks loads M13 ;)