 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] NAT multiple subnets
 Date:  Fri, 31 Mar 2006 18:31:34 -0500
On 3/31/06, Richard Parvass <Richard dot Parvass at aaland dot co dot uk> wrote:
> I've seen talk of putting several outbound nat rules in for multiple subnets, but is it possible
> to use just one nat rule that uses, say, a /22 subnet to encompass multiple subnets? I'm trying to
> produce a template configuration that requires minimal changes to drop into site. Example, sites
> 192.168.1.x, 2.x, 3.x, 4.x all fall under a /22 subnet but are different physical sites separated by
> m0n0 VPNs. Will the VPN and outbound NAT function correctly using this /22 (I have to use advanced
> OB NAT to allow access to the ADSL modem).
>

I don't know that any advanced outbound NAT setup will work for
subnets coming in over IPsec.

If they were internal subnets, summarizing with a /22 should work fine
even if they're off multiple interfaces or routers or whatever.

My advice is to try it and let us know what happens. I don't recall
anybody using this type of setup for Internet access.

-Chris
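
A single summarized source network in a template NAT rule only does its job if the prefix really contains every site subnet, and anything else inside the prefix is matched too. The following check is an added example, not part of the original thread or of m0n0wall; it assumes the four sites are the /24 networks 192.168.1.0 through 192.168.4.0 and that the candidate summary is 192.168.0.0/22 (the base address is not given in the thread).

```python
import ipaddress

def covering_supernet(subnets):
    """Smallest single prefix that contains every subnet in the list."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()  # widen by one bit and retry
    return candidate

def check_summary(summary, subnets):
    """Return (missed, extra) for one summarized rule.

    missed: site subnets the summary does not contain (rule never matches them)
    extra:  address space inside the summary that belongs to no listed site
    """
    summary = ipaddress.ip_network(summary)
    nets = [ipaddress.ip_network(s) for s in subnets]
    missed = [n for n in nets if not n.subnet_of(summary)]
    remaining = [summary]
    for n in nets:
        carved = []
        for r in remaining:
            if n.subnet_of(r):
                carved.extend(r.address_exclude(n))  # cut the site out of r
            elif not r.subnet_of(n):
                carved.append(r)                     # unrelated block, keep it
        remaining = carved
    extra = list(ipaddress.collapse_addresses(remaining))
    return missed, extra

# Assumed site subnets, taken from the example in the question (as /24s).
SITES = ["192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24", "192.168.4.0/24"]

if __name__ == "__main__":
    for rule in ("192.168.0.0/22", str(covering_supernet(SITES))):
        missed, extra = check_summary(rule, SITES)
        print(rule)
        print("  not matched :", [str(n) for n in missed] or "none")
        print("  also matched:", [str(n) for n in extra] or "none")
```

Running the same check against the real site list before dropping the template into a site shows both the subnets a summary would miss and the unused ranges it would translate as well.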