[Shorewall-users] one to one nat

Wed, 10 Jun 2009 11:16:32 -0700 


Tom 
Thinking of trashing the netmap idea due to one of the existing 
firewalls needs to much work and is a 2.4 kernel. That is if there
is an easier way to accomplish this.  
    The existing network is currently connected with two wireless bridges
that need to be doglegged around a treeline. The current network is
at layer2 all using the same network ips.  The fix is to add a third bridge
using wds repeater or really the third bridge will be root so the bandwidth
will not be not be cut in half
    While this work is being done I need this vpn so we dont interrupt the
network. For explanation purposes I will use networkA and netB.
    NetworkB is a slave building that has dsl though. NeworkA has a FracT1.
With the wireless bridges down netB will lose connection to their in house 
servers.
   netB is also a small amount of nodes around 10.

    This network has some ip's that are out of my control or require contacting
people and to say the least is a hassle to change. The two nets have voip PBX
systems to allow voip between them using H323. And one net printer that needs
netA access. I am thinking of changing the voip ips myself since i think I can 
do that. But would like to use one to one nat or something for the printer.
     So if I change netB to 10.10.85.0/24 with netA staying with 10.3.85.0/24.
And use two shorewall boxes to route this with openvpn.
My question is If in networkA server 10.3.85.194 needs to print to former
10.3.85.140 HP printer which will now be 10.10.85.140 would say one to 
one nat work like this?
Firewall A
/etc/shorewall/nat
#EXTERNAL       INTERFACE         INTERNAL      ALL INTERFACES     LOCAL
10.10.85.140.   tun0              10.3.85.194      no                 no

Firewall B
 /etc/shorewall/nat
#EXTERNAL       INTERFACE         INTERNAL      ALL INTERFACES     LOCAL
10.3.85.194     tun0              10.10.85.140.    no                 no

Mike



------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to