Dnat into a third network
Sancho Lerena
slerena@iname.com
Mon, 16 Jul 2001 18:59:38 +0200
This is a multi-part message in MIME format.
------=_NextPart_000_01B6_01C10E29.76A494B0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
This is my network
Eth0 Eth1 Router =20
209.xxx.xxx.5-10------------->192.168.4.67-------+-------->172.16.12.9
Internet Public 192.168.4.66 =
Second
Addresses Nated =
Site
Fisrt Site =
=20
On eth0 I have the public addresses I want to dnat into my first and =
second sites.
Eth1 points to my lan and the fisrt site, it also connects to the =
router going into the=20
sencond site.
How can I make 172.16.12.9 reacheable from the outside ?
Easy:
Publish ARP for Real IP different that your firewall is using and you =
want to been used.
DNAT a Real-IP to translate it to 172.xxxxx
Add a route to 172 network via your internal router
Add a route in Router to default gw in Eth1 (192.168.4.67?) interface of =
your fw
Add a default route in 172 network to your internal router
Un saludo,
Sancho Lerena
slerena@genterara.com
http://www.genterara.com/slerena
------=_NextPart_000_01B6_01C10E29.76A494B0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2920.0" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<BLOCKQUOTE=20
style=3D"BORDER-LEFT: #000000 2px solid; MARGIN-LEFT: 5px; MARGIN-RIGHT: =
0px; PADDING-LEFT: 5px; PADDING-RIGHT: 0px">
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>This is my network</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial=20
=
size=3D2>Eth0 =
&=
nbsp; &n=
bsp;=20
Eth1 =20
Router </FONT></DIV>
<DIV><FONT face=3DArial=20
=
size=3D2>209.xxx.xxx.5-10------------->192.168.4.67-------+-------->=
;172.16.12.9</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Internet=20
=
Public &=
nbsp; 192.168.4.66 &n=
bsp;=20
=20
Second</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Addresses =
=20
=
=20
Nated =
=20
=
=20
Site</FONT></DIV>
<DIV><FONT face=3DArial size=3D2> =
=
=20
=
=20
Fisrt Site =20
=
&=
nbsp; &n=
bsp;=20
</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>On eth0 I have the public addresses I =
want to=20
dnat into my first and second sites.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Eth1 points to my lan and the fisrt =
site, it also=20
connects to the router going into the </FONT></DIV>
<DIV><FONT face=3DArial size=3D2>sencond site.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>How can I make 172.16.12.9 reacheable =
from the=20
outside ?</FONT></DIV></BLOCKQUOTE>
<DIV><FONT face=3DArial size=3D2>Easy:</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Publish ARP for Real IP different that =
your=20
firewall is using and you want to been used.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>DNAT a Real-IP to translate it to=20
172.xxxxx</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Add a route to 172 network via your =
internal=20
router</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Add a route in Router to default gw in =
Eth1=20
(192.168.4.67?) interface of your fw</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Add a default route in 172 network to =
your internal=20
router</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial =
size=3D2> Un=20
saludo,</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial=20
size=3D2> &nbs=
p; =20
Sancho=20
Lerena<BR> &nb=
sp; =20
<A=20
href=3D"mailto:slerena@genterara.com">slerena@genterara.com</A><BR> =
&=
nbsp;=20
<A=20
href=3D"http://www.genterara.com/slerena">http://www.genterara.com/sleren=
a</A></FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2><BR></FONT> </DIV></BODY></HTML>
------=_NextPart_000_01B6_01C10E29.76A494B0--