Iptables, FreeSwan
I am using a PPPOE connection to connect to our ISP.
Upon connection our server grabs the appropriate first IP public address
in our block of 5 public IP addresses.
Now, I need to configure our server so that it will grab the remaining 4
as well in order to perform NAT or port forwarding (based on public IP
address and port).
On the advice of another user in this group, I need to configure virtual
interfaces.
Now although PPPOE is configured on eth1, it's ppp0 that shows the
public IP address. So it seems to me the appropriate way to configure
virtual interfaces is ppp0:0, ppp0:1, etc.
Right?
I was able to do this, but nonetheless, there was no connectivity to
those additional public IP addresses as far as I could tell.
For example.
The block of public IPs is 128.12.13.137 - 141
ppp0 get 128.12.13.137 and I noticed P-t-P was 128.12.13.144 and netmask
was 255.255.255.255
I configure ppp0:0 as follows
iface ppp0:0 inet static
address 128.12.13.138
broadcast 128.12.13.255
netmask 255.255.255.254
network 128.12.13.0
(I think there are some errors here, for example broadcast, netmask and
network)
What happened when I brought ppp0:0 up was that it showed that correct
IP, but P-t-P was also 128.12.13.138. Netmask was, of course,
255.255.255.254
So, how should I do this correctly?
The next question relates to iptables, I believe.
Basically, as I said earlier I will be doing NAT or port forwarding.
So, say someone comes in at 128.12.13.138:81
That then gets forwarded to 10.0.1.1:81
Or, say someone comes in at 128.12.13.139:3264
That get forwarded to 10.0.1.3:3264
Correct me if I'm wrong but this information all goes into my iptables,
right?
And someone please tell me that this is all possible with a single
server acting as the router?
Curtis
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: