Dear Dirk,
Thank you for the suggestion and you are correct. I
did read the ip route man page and tried out few
options that could enable static NAT but invain.
The actual problem was with arp address it would use
to reply back any packet it will recieve back and
forth.
The logical interface had external IP and added to get
an arp entry on firewall.
The entries i tried with ip route are as below.
ip route add nat 10.x.x.111/32 via 212.x.x.x/32
ip rule add from 212.x.x.x/32 nat 10.x.x.111 prio 1000
I am sorry for not revealing the public ip and
internal ip as am not permitted to do.
Please let me know if i am missing something
Thank you
Vishwesh
--- Dirk Tilger <[EMAIL PROTECTED]> wrote:
> --- vishweshwar rao <[EMAIL PROTECTED]> wrote:
> > Dear All,
>
> Dear vishweshwar rao,
>
> thank you for thread hijacking.
>
> > I am trying to implement Static NAT on Redhat
> > Enterprise AS 3.0 used as firewall.
> > I could implement it, but i had to add logical
> > interface on firewall for success.
> > Would like to know if its possible without adding
> the
> > interface.
>
> iproute2 is your friend. Check "ip route help",
> you'll find "nat" at
> certain route options. I don't remember how it
> works, but I'm confident
> Google will reveal something. This is especially
> made for static NAT,
> it doesn't require Netfilter ("iptables") and used
> to be faster than
> Netfilter.
>
> On the other hand, Netfilter should be able to
> handle it. It becomes a
> bit dirty, though, if you need to allow unrestricted
> traffic pass in
> both directions. What did you do with the logical
> interface you were
> mentioning?
>
> Dirk.
>
>
>
> Yahoo! Groups Links
>
>
> [EMAIL PROTECTED]
>
>
>
>
>
>
___________________________________________________________
Try the all-new Yahoo! Mail. "The New Version is radically easier to use" The
Wall Street Journal
http://uk.docs.yahoo.com/nowyoucan.html
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/dubailug/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
