I *think* i know what tunnelling is, but can i do this with iptables? Or do i need something like FreeS/WAN instead?
Regards Jon >ESP and NAT only work in the tunneling mode. > >Ramin > > > >> Hi, >> >> My iptables firewall isn't NATing ip50 packets, so the vpn firewall at work >> is reporting my internal ip address once i'm authenticated. >> (pre-authentication, i appear as the correct external ip) >> >> I'm not loading any additional modules, and my NAT rules are: >> >> $IPTABLES -t nat -A POSTROUTING -o eth0 -s $INT_IP -j SNAT --to $EXT_IP >> $IPTABLES -t nat -A PREROUTING -i eth0 -d $EXT_IP -j DNAT --to $INT_IP >> >> I have a block of ips, so i'm not masquerading, just doing a 1:1 translation >> for each of my machines to a different external address. >> >> Is the NATing of ip50 packets actually possible? >> >> if yes, what do i need to do/where do i need to look to find out >> if no, how can i keep my vpn client behind the firewall and still use it? >> >> (I'm using mandrake 8.1 with no additional iptables patches; i'm sorry i >> can't remember the version of iptables that is supplied with 8.1.)
