Depends on how your NAT and tunnel are set up. It is possible to configure
NAT to only translate one series of numbers so no
translation would take place on the 192.168.1.0 network when sending packets
to the 10.0.1.0 network. All that would be required is a route in both ends
of the tunnel directing packets through the tunnel.
i.e., ip route [far end of tunnel] [mask] 10.0.1.nn
You could also bridge the tunnel connection and simply make it a part of
your existing network, of course this prevents you from filtering the tunnel
traffic.
> -----Original Message-----
> From: Jean-Fran�ois Grenier [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, August 02, 1999 8:22 AM
> To: [EMAIL PROTECTED]
> Subject: IPSEC + IPNAT possibilities ?
>
> Hi,
>
> Is it possible to use IPNAT with IPSEC ?
>
> Here's the problem :
>
> Supposed that the internal LAN is
>
> 192.168.1.0/24 NAT'ted 205.205.102.2/32 portmap tcp/udp 10000:60000
>
> The IPSEC tunnel is
>
> 205.205.102.2 to 205.205.103.2
> tunnel
> 10.0.1.0/24 to 10.0.2.0/24
>
> Could it be possible for an internal client (lets say 192.168.1.100) to
> reach 10.0.2.0 simply by routing/mapping or do I need something else, like
> a
> proxy ?
>
> Jean-Francois Grenier
> Comact Optimisation
> << File: Jean-Fran�ois Grenier.vcf >>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
