Re: [masq] Masquerading with the internal Adress

Fuzzy Fox Fri, 23 Oct 1998 12:02:08 -0400
Olivier GOSSELET <[EMAIL PROTECTED]> wrote:
>
> ---- 172.x.x.x network----| Cisco Router |--isdn--| Cisco Router |---- 193.x.x.x 
>network ----| Linux Firewall |---- 173.x.x.x network ----| Cisco Internet Router 
>|---- ?? Internet ??
> 
> The address between our Firewall and the Internet Cisco Router ar
> unofficial ...  so this time i try to masquerade using the internal
> address of our Linux Firewall (wich is official) but without success.

It seems to me that, as long as all the links between the 172.* network
and the Linux Firewall allow passing of default-routed packets in the
firewall's direction, then this should work.  The Linux box could then
masquerade the packet and forward it out to the Internet.  You did say
that the Linux box's IP address is official, i.e. routable on the global
Internet?

Can a box on the 193.* network masq out through the Linux box?  It
should be able to.  Any connection masqing from behind the Linux box
should appear the same as a connection originating directly from the
Linux box.

All you need is some forwarding rules that recognize which networks
should be masq'd, as per usual.

> Is there a way to force the masquerading using the IP address of the
> internal NIC ?

I don't think I understand this question...

-- 
   [EMAIL PROTECTED] (Fuzzy Fox)      || "Nothing takes the taste out of peanut
sometimes known as David DeSimone  ||  butter quite like unrequited love."
  http://www.dallas.net/~fox/      ||                       -- Charlie Brown
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
Re: [masq] Masquerading with the internal Adress

Reply via email to
