Re: multiple nat + public adresses

To: debian-firewall@lists.debian.org
Subject: Re: multiple nat + public adresses
From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
Date: Fri, 26 May 2006 01:13:00 +0200
Message-id: <[🔎] 447639FC.1010609@plouf.fr.eu.org>
In-reply-to: <[🔎] d1473ad90605220513o5ca501d5y8b09d33398a65fab@mail.gmail.com>
References: <[🔎] d1473ad90605220513o5ca501d5y8b09d33398a65fab@mail.gmail.com>

Hello,

Wojciech Ziniewicz a écrit :

Hello , i have a strange configuration (below) :

LAN_IP1\
LAN_IP2- =====(lan1)NAT1(lan2)=====(lan2)NAT2(pub)==== Internet
LAN_IP3/


Nothing strange so far.

-LAN_IP1, LAN_IP2 are workstations
-LAN_IP3 - has a public IP adress  (going thru 2  DNAT's : NAT1 i NAT2)


Oh, you were right. A public address behind some NAT, THIS is strange.

-I have iptables on NAT2 and NAT1 is a cisco router (very very old).
LAN_IP3 has the public adress assigned with iptables DNAT going thru
those two NATS (being rewrited two times)...

What to do , to allow LAN_IP1 and LAN_IP2 connect to public IP adress
of LAN_IP3 host ? Now  they are only seeing the public adress assigned
to NAT2 eth0 interface..

Add a direct route to the address on the workstations to let them knowthat it is reachable on the same LAN ?

Reply to:

Follow-Ups:
- Re: multiple nat + public adresses
  - From: "Wojciech Ziniewicz" <wojciech.ziniewicz@gmail.com>

References:
- multiple nat + public adresses
  - From: "Wojciech Ziniewicz" <wojciech.ziniewicz@gmail.com>

Prev by Date: Re: Request for comments: iptables script for use on laptops.
Next by Date: Re: multiple nat + public adresses
Previous by thread: multiple nat + public adresses
Next by thread: Re: multiple nat + public adresses
Index(es):
- Date
- Thread