Hi All
Would it be possible to do Outbound NATing between OPT1 and OPT2?
My plan is to present all traffic leaving monowall out the OPT2
interface to appear to be coming from the IP of OPT2 interface.
For example, a server on OPT1 network (Server IP = 192.168.21.2) trying
to connect to a server hanging off the OPT2 network (Server IP =
10.0.0.1/24) would appear to be coming from the IP of the OPT2 interface
(INT IP = 192.168.20.1).
This is the rule I was planning on trying.
Interface   Source            Destination   Target
OPT2        192.168.20.0/24   *             *
In addition to this I have a remote site (m0n0wall#1) that creates an
IPSEC tunnel to the site.
The IPSEC tunnel is created between subnet 192.168.1.0/24 and
10.0.0.0/24 (a network that hangs off the OPT2 interface)
I'll also have a 2nd IPSEC tunnel between 192.168.1.0/24 and
192.168.20.0/22 (this will cover 192.168.20.0 - 192.168.23.0 on m0n0wall#2)
I wanted to create an outbound NAT rule for the 192.168.1.0/24 subnet as
well; this is what I was planning on using.
Interface   Source            Destination   Target
OPT2        192.168.1.0/24    *             *
Now because this subnet (192.168.1.0) is on a remote site connecting
through to m0n0wall#2 over IPSEC, is this going to be an issue? Will it
work?
Of course I will also have a static route on m0n0wall#2 pointing to the
Cisco Router to get to the 10.0.0.0/24 network.
Here is a rough diagram.
Remote Subnet
192.168.1.0/24
|
|
|
m0n0wall#1
|
|
| Internet (IPSEC Tunnel)
|
| 10.0.0.1/24
m0n0wall#2--------------Cisco Router-----------Server#1
| OPT2 (No NAT) 10.0.0.0/24
| 192.168.20.0/24
|
|
|
|
OPT1 192.168.21.0/24
I hope someone can help
Thanks
Oh yeah... here's a Christmas tip. m0n0wall merchandise makes a great
gift idea, I have put some m0n0 items on my wish list so should you! :-)
Mark
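The question above comes down to which flows leaving OPT2 a top-down outbound NAT rule list would rewrite. The following is an added example, not code from the post or from m0n0wall: a small Python model of outbound NAT rule matching, loaded with the two rules exactly as written in the post (interface, source, destination, target) and the OPT2 address 192.168.20.1. The semantics are assumptions of the model: the first rule on the egress interface whose source and destination match wins, and a target of `*` means "translate to the egress interface's own address". It also includes an audit helper that reports which internal subnets have no covering rule on an interface, which is the check a practitioner would run before trusting that every source behind the firewall is hidden.

```python
from ipaddress import ip_address, ip_network

# Outbound NAT rules in the shape used in the post: (interface, source, destination, target).
# "*" means "any" for source/destination; target "*" is modelled as "use the egress
# interface's own address" (assumption of this model, not a statement about m0n0wall).
RULES = [
    ("OPT2", "192.168.20.0/24", "*", "*"),
    ("OPT2", "192.168.1.0/24", "*", "*"),
]

# Interface addresses taken from the post (constructed lookup table for the example).
INTERFACE_ADDRESSES = {"OPT2": "192.168.20.1", "OPT1": "192.168.21.1"}  # OPT1 address assumed


def _matches(pattern, addr):
    """True if addr falls inside pattern; '*' matches anything."""
    return pattern == "*" or ip_address(addr) in ip_network(pattern, strict=False)


def translate_source(egress_iface, src, dst, rules=RULES, iface_addrs=INTERFACE_ADDRESSES):
    """Return (translated_source, index_of_matching_rule) for a flow leaving egress_iface.

    First matching rule wins (top-down evaluation, an assumption of this model).
    If no rule matches, the source address is left untouched and the index is None.
    """
    for i, (iface, src_pat, dst_pat, target) in enumerate(rules):
        if iface != egress_iface:
            continue
        if not (_matches(src_pat, src) and _matches(dst_pat, dst)):
            continue
        new_src = iface_addrs[egress_iface] if target == "*" else target
        return new_src, i
    return src, None


def uncovered_sources(egress_iface, subnets, rules=RULES):
    """List the internal subnets that no rule on egress_iface fully covers.

    A subnet is covered when some rule on that interface has source '*' or a source
    prefix that is a supernet of (or equal to) the subnet.
    """
    uncovered = []
    for subnet in subnets:
        net = ip_network(subnet, strict=False)
        covered = any(
            iface == egress_iface
            and (src_pat == "*" or ip_network(src_pat, strict=False).supernet_of(net))
            for iface, src_pat, _dst, _tgt in rules
        )
        if not covered:
            uncovered.append(subnet)
    return uncovered


if __name__ == "__main__":
    # The flows described in the post, evaluated against the rules as written.
    for src in ("192.168.21.2", "192.168.20.50", "192.168.1.10"):
        new_src, rule = translate_source("OPT2", src, "10.0.0.1")
        print(f"{src} -> 10.0.0.1 via OPT2: source becomes {new_src} (rule {rule})")
    # Subnets behind m0n0wall#2 and the remote IPsec subnet: which ones lack an OPT2 rule?
    print("Not covered on OPT2:",
          uncovered_sources("OPT2", ["192.168.21.0/24", "192.168.20.0/24", "192.168.1.0/24"]))
```

Run as a script it prints the translated source for each flow; note that the model only rewrites sources that actually fall inside a rule's source prefix, so the coverage check is the quick way to confirm that each subnet expected behind OPT2 (including the remote 192.168.1.0/24 arriving over the tunnel) has a matching rule before relying on the translation.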