We have a bunch of clients who VPN to our systems here. As you might
expect, those that use RFC-1918 private addresses want those addresses to
run around on out network. So far, we've been lucky in that we've not had
any conflicting address sets. But it's sure to happen.
We'd rather not dictate addresses to our customers (keep the customer
satisfied, as they say), and are considering slipping a net4801 between the
customer router and our firewall, with the exclusive job of doing 1:1
mapping of blocks of addresses. That is, we'd like to be able to make
192.168.4.0/24 turn into 192.168.7.0/24 (or something like that).
We've not been able to see an easy way to do that, short of entering 253
individual rules. I'm sure ipnat can do such a thing, just not sure how to
ask the GUI to make it happen.
We've been messing around with using the exec.php URL to stuff ipnat
commands in, but they will naturally disappear after a boot.
Anything easy I've missed?
Chad R. Larson (CRL22) chad at eldocomp dot com
Eldorado Computing, Inc. 602-604-3100
5353 North 16th Street, Suite 400
Phoenix, Arizona 85016-3228
-- CONFIDENTIALITY NOTICE --
This message is intended for the sole use of the individual and entity to whom it is addressed, and
may contain information that is privileged, confidential and exempt from disclosure under applicable
law. If you are not the intended addressee, nor authorized to receive for the intended addressee,
you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or
any information contained in the message. If you have received this message in error, please
immediately advise the sender by reply email, and delete the message. Thank you.