 From:  "D. Ubevidste" <detubevidste at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Cc:  david underscore cooper at elwyn dot org
 Subject:  Reverse NAT on WAN if
 Date:  Fri, 17 Dec 2004 14:53:11 -0500
Found the message below on this topic, but no follow-ups. What we're
looking for is a map- or hide-type NAT externally, so that all
internet traffic bound for internal services gets mapped behind a
dummy address on the firewall's external segment. Traffic for servers
may come in through different firewalls, and we basically need to be
able to ensure that it is routed back out through the proper gateway.


My memory is that ipf/ipnat would do it like this:

ext0:           firewall's external if
gw.ex.ter.nal:  firewall's external IP
192.168.0.0/24: LAN segment

# ipnat.conf
# outbound nat rules for internal clients must come first
map ext0 192.168.0.0/24 -> gw.ex.ter.nal/32 portmap tcp/udp auto
map ext0 192.168.0.0/24 -> gw.ex.ter.nal/32

# inbound NAT rules to hide sources
map ext0 0.0.0.0/0 -> du.mm.m.y/32 portmap tcp auto


Possible? Probable? 


Many thanks,

D. Ubevidste


> To:   	<m0n0wall at lists dot m0n0 dot ch>
> From:  	"David Cooper" <david underscore cooper at elwyn dot org>
> Subject:  	Potential feature requests: Reverse Nat and Routing Protocols
> Date:  	Mon, 9 Feb 2004 10:11:52 -0500
>
>Is there a way to get M0n0wall to "Reverse NAT". This means that NAT takes
>public requests and uses NAT to translate them to the internal network as
>itself. This allowed the use of more than one firewall in a network, without
>having to change the gateway address.
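
The return-path problem described in this thread, modelled as an added example (not part of either message and not m0n0wall or ipnat code). All names and addresses are constructed, and the model assumes the hide address is one the server can route straight back to the firewall that owns it:

```python
from dataclasses import dataclass, field

@dataclass
class Firewall:
    name: str
    hide_addr: str        # assumed routable from the server back to this firewall
    hide_sources: bool    # True = rewrite the client source on inbound traffic
    state: dict = field(default_factory=dict)  # translated (addr, port) -> real client
    next_port: int = 40000

    def inbound(self, src, sport, server):
        """Forward a client packet to the server, optionally hiding its source."""
        if self.hide_sources:
            port = self.next_port
            self.next_port += 1
            self.state[(self.hide_addr, port)] = (src, sport)
            return self.hide_addr, port, server
        self.state[(src, sport)] = (src, sport)
        return src, sport, server

    def reply(self, dst, dport):
        """Real client for a server reply, or None when this firewall has no state."""
        return self.state.get((dst, dport))

def route_reply(dst, firewalls, default_gw):
    """Server-side routing: a hide address goes to its owner, the rest to the default gateway."""
    for fw in firewalls:
        if dst == fw.hide_addr:
            return fw
    return default_gw

def round_trip(entry_hides):
    """Client enters through fw-b; the server's default gateway is fw-a."""
    fw_a = Firewall("fw-a", "192.168.0.1", False)
    fw_b = Firewall("fw-b", "192.168.0.2", entry_hides)
    src, sport, _server = fw_b.inbound("203.0.113.7", 51000, "192.168.0.10")
    back = route_reply(src, [fw_a, fw_b], default_gw=fw_a)
    return back.name, back.reply(src, sport)

if __name__ == "__main__":
    print("no source hiding:", round_trip(False))  # reply leaves via fw-a, no state
    print("source hidden:   ", round_trip(True))   # reply returns via fw-b
```

With source hiding the server only ever sees the firewall's hide address, so per-client logging and access control on the server have to rely on the firewall's translation records.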