Re: NAT problems

To: Tobias Geijersson <tobias.geijersson@xtnd.com>
Cc: debian-isp@lists.debian.org
Subject: Re: NAT problems
From: Jeremy Lunn <jeremy@austux.net>
Date: Mon, 12 Feb 2001 19:14:05 +1100
Message-id: <20010212191405.A30004@europa.austux.net>
Reply-to: Jeremy Lunn <jeremy@austux.net>
In-reply-to: <3A87915E.418F5B6E@xtnd.com>; from tobias.geijersson@xtnd.com on Mon, Feb 12, 2001 at 08:31:42AM +0100
References: <3A87915E.418F5B6E@xtnd.com>

On Mon, Feb 12, 2001 at 08:31:42AM +0100, Tobias Geijersson wrote:
> My firewall have these NICs:
> 
> eth0 192.168.2.254/24 is connected to my IP-provider using private ip
> eth1 a.x.y.z1/27 is connected to my server segment using "real" ip
> eth2 a.x.y.z2/27 is connected to my workstation segment using "real" ip
> 
> and now I must add a fourth net:
> eth3 192.168.10.1/24 ond I want to NAT those adresses when they access
> internet (through eth0)
> 
> The problem is that when I add the rule for masqurading it translates
> all 192.168.10.1/24 to eth0's 192.168.2.254 before routed to my ip
> provider, and that adress is a private one and will not work!

Shouldn't it be possible to masquerade using say eth2 instead of eth0?
And therefore appear to be coming from the address taht eth2 has even
though you are being routed back out through eth0?

So something like
/sbin/ipchains -A forward -i eth2 -j MASQ

-- 
Jeremy Lunn
Melbourne, Australia

Reply to:

References:
- NAT problems
  - From: Tobias Geijersson <tobias.geijersson@xtnd.com>

Prev by Date: Re: NAT problems
Next by Date: Re: Traffic shaping & proxy problem
Previous by thread: Re: NAT problems
Next by thread: pop3 and Maildir
Index(es):
- Date
- Thread