[ previous ] [ next ] [ threads ]
 
 From:  Marty Nelson <MNelson at transdyn dot com>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] NAT an internal address to a DMZ address?
 Date:  Wed, 30 May 2007 16:07:10 -0700
Thanks Lee.

So there's nothing to be done with routing where we can send all traffic destined for the 192.168.75
network through the tunnel?

As far as setting up server based NAT's, can you explain further?

-----Original Message-----
From: Lee Sharp [mailto:leesharp at hal dash pc dot org]
Sent: Wednesday, May 30, 2007 3:17 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] NAT an internal address to a DMZ address?

Marty Nelson wrote:
> Rick, thanks for the response.
>
> Here's the bizarre situation I find myself in.
>
> I've created a tunnel between my network and a customers, the only problem was that I had to
establish the tunnel between our DMZ and their network because their address space overlapped with
ours.
>
> In order to access anything on their network (192.168.75), our systems have to be in our DMZ
address range (10.100.2).  What I was hoping to do is NAT a computer on our internal network
(192.168.3) to an address in our DMZ (10.100.2) address so that they can then go through the tunnel
and access resources on our customers network.
>
> Did any of that make sense? ;-)

Makes sense, but it won't work.  You will try to go to "there" server at
192.168.75,20 and you system will say "Oh that is local" and never send
it to the gateway. One of you needs to change, or do server based nat
and have lots of IPs.

                        Lee

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch