[ previous ] [ next ] [ threads ]
 
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] NAT an internal address to a DMZ address?
 Date:  Wed, 30 May 2007 17:17:16 -0500
Marty Nelson wrote:
> Rick, thanks for the response.
> 
> Here's the bizarre situation I find myself in.
> 
> I've created a tunnel between my network and a customers, the only problem was that I had to
establish the tunnel between our DMZ and their network because their address space overlapped with
ours.
> 
> In order to access anything on their network (192.168.75), our systems have to be in our DMZ
address range (10.100.2).  What I was hoping to do is NAT a computer on our internal network
(192.168.3) to an address in our DMZ (10.100.2) address so that they can then go through the tunnel
and access resources on our customers network.
> 
> Did any of that make sense? ;-)

Makes sense, but it won't work.  You will try to go to "there" server at 
192.168.75,20 and you system will say "Oh that is local" and never send 
it to the gateway. One of you needs to change, or do server based nat 
and have lots of IPs.

			Lee