/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ That depends. The best thing here (security wise) isto put two ethernet cards in all machines which will be on both networks. It is easily done with one card as well, but more dangerous. Another issue is if your masq machine is running a PtP to the T1 router. in other words: Do you have a network coming in or something else. Let me elaborate on this: One of my networks has a frame relay line coming in. The masq box has a frame relay card (Sangoma). In that case I can't hook any other machines directly to the outside net, because you can't split a frame relay stream. IF YOU HAVE A ROUTER: (Like a CISCO or equivalent) If you have a network coming in, then it is simply a matter of of hooking the other machine on to the router, giving the eth1 or whatever its new IP and routing info and off you are. IF YOU DON'T HAVE A ROUTER: In this case, the first thing to do is to put in another eth in the masq machine. Then you have to use an IP address on that card of the 32 outside addresses and then tell your masq machine that traffic to that net has to go to this card. That makes up for the missing router. Then you hook the other machine up to this card with another IP of the 32 and off you are. Because the other card is connected to the local network and if you leave the default route pointing to the masq machine, then you will still have connection and access to the internal network, and all outgoing traffic which was locally initiated will be masqueraded. Sincerely, Karsten ---------- >From: "Robert Cotran" <[EMAIL PROTECTED]> >To: "IP Masq List" <[EMAIL PROTECTED]> >Subject: [Masq] Accessing external machines on the same hub from a private network. >Date: Mon, Aug 28, 2000, 18:21 > > /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! > /* ALSO: Don't quote this header. It makes you look lame :-) */ > > > Hi guys, > > OK, here's my situation. I have 32 private IPs from UUNET coming in on my > T1. I also have a bunch of machines on a private network (192.168.1.x) on > the same hub. The machines with the private IPs are using a Masqueraded > Linux box to access the internet. The Masq box has one of the 32 public IPs > from UUNET on one of it's network cards and one of the private IPs on the > other network card. My question is this. If I wanted to give one of the > machines that presently has a private IP, a public IP, how could I make it > so it could still see the internal network? Do I have to set up some > routing rules on the Masq box and then tell the machine to continue using > the Masq box as a gateway and then when the machine is looking for a > 192.168.1.x address, the Masq box can tell it where to look? I really have > no idea how to approach this. One idea was to give the Masq box an alias of > the IP I want to assign to the other machine, and then forward EVERYTHING to > that machine, but it sounds pretty sloppy to me. Could somebody please help > me out with this? Thanks! > > Rob > > _______________________________________________ > Masq maillist - [EMAIL PROTECTED] > Admin requests can be handled at http://www.indyramp.com/masq-list/ -- > THIS INCLUDES UNSUBSCRIBING! > or email to [EMAIL PROTECTED] > > PLEASE read the HOWTO and search the archives before posting. > You can start your search at http://www.indyramp.com/masq/ > Please keep general linux/unix/pc/internet questions off the list. _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
