On Thu, 31 Oct 2002 [EMAIL PROTECTED] wrote: > I can't figure out how to handle this: > > My external interface,eth0, has two addresses: > (all addresses fake.) > > 2.2.2.5 - The true public address as seen by the Internet. > 3.3.3.50 - An address on an intranet lan > > The default gateway is 2.2.2.1, the Cisco router ->T1->ISP > The gateway for the intranet is 3.3.3.1 > On the intranet are many routers and many subnets. > > My internal interface, eth1, has a subnet of clients, > 192.168.1.0/24, who want access to the internet and the intranet. > They need to be NAT'ed. > > SO: to nat internet access: > iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j SNAT --to-source > 2.2.2.5
I think that --to-source should be 3.3.3.50. > But how do I NAT the traffic to the intranet so that it will have a source of > 3.3.3.50? > I realize I could match on destination nets, but there are too many of them. > I realize I could put in another ethernet card for the intranet. > But is there a way to solve it configured as is? > Any way to match on gateway? I am not sure I understand your further questions. If the above suggestion does not work, perhaps you can explain why you want all these other options? A network diagram may be helpful. > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html Perhaps you should review the SR FAQ to make sure you are providing us enough information. --------------------------------------------------------------------------- Jeff Newmiller The ..... ..... Go Live... DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/Batteries O.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --------------------------------------------------------------------------- ------------------------------------------------------- This sf.net email is sponsored by: Influence the future of Java(TM) technology. Join the Java Community Process(SM) (JCP(SM)) program now. http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
