I don't think Gnatbox was designe dwith having multiple subnets on the same interface, especially if one is passthrough while the other is NAT.
Chris Green >From: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: anyone run a similar setup? >Date: Thu, 22 Nov 2001 02:49:02 -0600 > >--------------------- Attention ----------------------------- >A digest version of this list is now available. >Send email to [EMAIL PROTECTED], with the following message: >subscribe gb-users-digest your_email_address >Then unsubscribe from this list. >------------------------------------------------------------- >GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi >Send postings to: [EMAIL PROTECTED] >Access the list archives at: http://www.gnatbox.com/gb-users/ >------------------------------------------------------------- >Has anyone run a similar setup? >This will probably be confusing but I will use x.x.x.x for fictitious >public addresses and use the full address for the private ones. > >IF1 EXT x.x.1.1/24 >IF2 PSN x.x.2.1/24 > >A route on the outside routes x.x.2.0/24 to x.x.1.1 >x.x.2.0/24 defined as an IP Passthrough network. > >All the x.x.2.0 traffic basically doesn't use nat at all and filters >are defined in the IP Passthrough filter section. > >Now the tricky part. Bind a private IP to IF2 say 192.168.1.1/24 > >So it now looks like. > >IF2 PSN x.x.2.1 and 192.168.1.1 > >The question is will the private addresses work fine using NAT on that >same interface? > >...and before anyone even says it...yes it would be better to have an >IF3 and put the private addresses there but that isn't the question. >---------------------------------------------- >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe gb-users your_email_address >in the body of the message _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
