[ previous ] [ next ] [ threads ]
 From:  Marty Nelson <MNelson at transdyn dot com>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] NAT an internal address to a DMZ address?
 Date:  Wed, 30 May 2007 14:25:52 -0700
Rick, thanks for the response.

Here's the bizarre situation I find myself in.

I've created a tunnel between my network and a customers, the only problem was that I had to
establish the tunnel between our DMZ and their network because their address space overlapped with

In order to access anything on their network (192.168.75), our systems have to be in our DMZ address
range (10.100.2).  What I was hoping to do is NAT a computer on our internal network (192.168.3) to
an address in our DMZ (10.100.2) address so that they can then go through the tunnel and access
resources on our customers network.

Did any of that make sense? ;-)

-----Original Message-----
From: Rick Preston [mailto:rickjpreston at gmail dot com]
Sent: Wednesday, May 30, 2007 1:30 PM
To: Marty Nelson
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] NAT an internal address to a DMZ address?

On 5/30/07, Marty Nelson <MNelson at transdyn dot com> wrote:
> My internal subnet is 192.168 and my DMZ is 10.100, and what I need to do is NAT a handful of
internal addresses to DMZ addresses, and I'm not sure about how to best accomplish that task.
> Any help would be appreciated.
> Thanks,
> -Marty


To be honest I'm not sure what you are asking for.  Do you just need
to access some machines in you DMZ from your LAN (by name instead of
IP)?  Or do you have something else in mind?

I'm no expert, nor well read on the subject but I don't recall ever
hearing about using NAT between two private address spaces.  Only
between a private and public address space.

My guess is you are looking for something like this

If not, maybe post some more information.