I've tried Toms suggestion below without success. Perhaps a diagram of
this system would help.
___________________________________
| eth0
eth1 |
-----------64.202.224.0/24--------| net interface on pppoe server / loc
interface |--------------no ip address (pppoe only)-----
| |
___________________________________
To simplify things, I changed loaded apache on each pppoe server and set
the home page as the user suspended page.
so in this case I could redirect to either 127.0.0.1, or 64.202.224.X
The way the pppoe server works is: PPPOE daemon uses radius
authenticate terminates the pppoe session. At this point the session is
handed of to the standard kernel mode pppd
When I use:
DNAT- y:192.168.50.0/24 z:64.202.224.254:80 tcp
I do not get the suspend web page. When I trace route from the connect
system, I get host unreachable from my boarder router (which I should
never see).
This box is running zebra and ospf, as is the boarder router, could it
be that they are overriding?
Any thoughts would be greatly appreciated.
slightly beaten down....
Marco
Ok lets start from the top.
I have multiple pppoe servers terminating connections. Users are
normally issued public ip addresses.
When I suspend a user, they get a private 192.168.50.0/24 ip address.
I want to redirect any IPs in the 192.168.50.0/24 to a web page on a
server that has a simple SUSPENDED message.
That is just:
DNAT- y:192.168.40.0/24 z:64.202.230.254:80 tcp
Where
y = Zone containing 192.168.40.0/24
z = Zone containing 64.202.230.254
------------------------------------------------------------------------
------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, &
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, &
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
