If you haven’t already, skim-read the relevant sections of the Vyatta documentation on NAT. This will save you a lot of time, and enhance your understanding.
Configure Source NAT for LAN and DMZ to the Fake Internet.
To test, start a fake server in one window on Outside1:
echo "Response from Outside1" | sudo nc -q1 -v -l 80
In another window on Outside1, have a packet capture running:
sudo tcpdump -n -i eth0
Then, in a window on Client1, launch the request:
echo "Request from Client1" | nc -q1 -v 198.51.100.157 80
This is how you can test for a TCP connection on port 80 (or any TCP port, in general). Note that you will have to start the fake server each time, as it only serves a single connection and then quits. You could instead wrap the dummy server in a loop:
while true; do
    echo "Response from Outside1" | sudo nc -q1 -v -l 80
done
I suggest you add two Source-NAT rules: one for traffic coming from the DMZ, and another for traffic coming from the LAN.
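Once both rules are in place, the tcpdump capture on Outside1 is where you confirm them: requests reaching 198.51.100.157 port 80 should no longer carry an internal source address. The script below is an added example, not part of the original lab material. It assumes the LAN and DMZ use RFC 1918 private ranges, and the sample capture lines and every address in them other than 198.51.100.157 are constructed.

```sh
#!/bin/sh
# Added example: scan `tcpdump -n` text output captured on Outside1 for
# requests that reached the fake server with an untranslated source address.
SERVER="198.51.100.157.80"   # fake server address and port, as tcpdump prints them

# Print each distinct private (RFC 1918) source address seen sending to SERVER.
# Assumption: LAN and DMZ are numbered from RFC 1918 space.
leaked_sources() {
    awk -v dst="$SERVER" '
        $2 == "IP" && $4 == ">" {
            d = $5; sub(/:$/, "", d)             # drop trailing colon
            if (d != dst) next                   # only requests to the server
            s = $3; sub(/\.[0-9]+$/, "", s)      # drop the source port
            if (s ~ /^10\./ || s ~ /^192\.168\./ ||
                s ~ /^172\.(1[6-9]|2[0-9]|3[01])\./)
                if (!seen[s]++) print s
        }'
}

# Exit status: 0 = requests seen and all translated,
#              1 = at least one private source reached Outside1,
#              2 = no request to SERVER in the capture (nothing was tested).
nat_check() {
    capture=$(cat)
    printf '%s\n' "$capture" | grep -qF " > $SERVER:" || return 2
    [ -z "$(printf '%s\n' "$capture" | leaked_sources)" ]
}

# Constructed sample captures (addresses other than the server are made up).
SAMPLE_NAT_OK='12:00:01.000001 IP 198.51.100.1.40312 > 198.51.100.157.80: Flags [S], seq 1, win 64240, length 0
12:00:01.000050 IP 198.51.100.157.80 > 198.51.100.1.40312: Flags [S.], seq 9, ack 2, win 65160, length 0'
SAMPLE_NAT_MISSING='12:00:05.000001 IP 192.168.10.20.51514 > 198.51.100.157.80: Flags [S], seq 1, win 64240, length 0
12:00:06.000001 IP 172.16.5.9.51600 > 198.51.100.157.80: Flags [S], seq 1, win 64240, length 0'

printf '%s\n' "$SAMPLE_NAT_OK" | nat_check && echo "sample 1: sources translated"
printf '%s\n' "$SAMPLE_NAT_MISSING" | leaked_sources | sed 's/^/sample 2: untranslated source /'
```

Run the Client1 request once from the LAN and once from the DMZ, save the tcpdump output each time, and pipe it through nat_check; a status of 2 means the request never arrived, which is a routing or firewall problem rather than a NAT one.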