[ previous ] [ next ] [ threads ]
 
 From:  "Reitinger Rene" <Rene dot Reitinger at krones dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Cc:  "Reitinger Rene" <Rene dot Reitinger at krones dot com>
 Subject:  Subnets in 1:1 NAT
 Date:  Fri, 2 Feb 2007 17:33:03 +0100
Hi,

I have a very strange requirement.

I want to use m0n0wall as a "internal" NAT layer in my computer. I need
this, because in our company only certain private IP ranges can be
routed through the network. But with some applications I need to use the
real IP addresses of the remote maschines in the software projects.

Thus we came up with the idea of a vmware hosting a very tiny linux and
a firewall. Some playing and testing with m0n0wall finally ended up with
this setup:

I use the WAN interface as the "local" interface taking the real
destination addresses and the LAN interface is the "remote" interface,
where the destination addresses are translated to the "routable" IP
addresses.

But I have a problem with the 1:1 NAT configuration, m0n0wall offers to
set a subnetmask, but when i use a sniffer to debug the traffic, the
destination adress in the icmp packet is always the configured subnet
address. Is the subnet feature not yet fully implemented?

Thanks for your help
Rene
**************************************************************************************************
The contents of this email and any attachments are confidential.
They are intended for the named recipient(s) only.
If you have received this email in error please notify the system manager or  the 
sender immediately and do not disclose the contents to anyone or make copies.

** eSafe scanned this email for viruses, vandals and malicious content. **
**************************************************************************************************
Der Inhalt dieser Mail und jeder Anhang ist vertraulich.

Wenn Sie diese Email durch einen Fehler erhalten haben, benachrichtigen Sie 
sofort Ihren Administrator oder den Absender. Behandeln Sie die Email vertraulich.

**************************************************************************************************