|
||||||||
Thanks Lee. So there's nothing to be done with routing where we can send all traffic destined for the 192.168.75 network through the tunnel? As far as setting up server based NAT's, can you explain further? -----Original Message----- From: Lee Sharp [mailto:leesharp at hal dash pc dot org] Sent: Wednesday, May 30, 2007 3:17 PM To: m0n0wall at lists dot m0n0 dot ch Subject: Re: [m0n0wall] NAT an internal address to a DMZ address? Marty Nelson wrote: > Rick, thanks for the response. > > Here's the bizarre situation I find myself in. > > I've created a tunnel between my network and a customers, the only problem was that I had to establish the tunnel between our DMZ and their network because their address space overlapped with ours. > > In order to access anything on their network (192.168.75), our systems have to be in our DMZ address range (10.100.2). What I was hoping to do is NAT a computer on our internal network (192.168.3) to an address in our DMZ (10.100.2) address so that they can then go through the tunnel and access resources on our customers network. > > Did any of that make sense? ;-) Makes sense, but it won't work. You will try to go to "there" server at 192.168.75,20 and you system will say "Oh that is local" and never send it to the gateway. One of you needs to change, or do server based nat and have lots of IPs. Lee --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |