On 11 Jul 98, at 22:38, Bill Eldridge wrote:
> I think this has been addressed a few times,
> but without quite satisfactory results.
>
> I have a private subnet behind an NAT
> proxy server (IPMASQ), and a public subnet
> on the other side with the NT PDC on the public.
I have done some limited testing on this subject. They way I got
around it was this:
1) set a rule on the masq box that looks like this (1.2.3.4 is
"public" subnet):
ipfwadm -F -a accept -S 1.2.3.4/24 -D 192.168.1.0/24
This allows any connections from the public subnet back across to
the masq'd network without any masquerading.
2) manually add a route to the route tables on the PDC and/or BDC
(which are on the public subnet) to the 192.168.1.0 net with the
gateway being the public address of the masq box.
Of course, using a wins server is required, as others have
suggested. This allowed me to do domain logins.
I would think you could also add the route back to the masq'd
network at your main router or firewall, to keep from having to put
manual routes in on your PDC/BDC's, and other machines.
HTH,
Doug
__________________________________________________
Doug Kite email: [EMAIL PROTECTED]
Network Administrator phone: 252-559-6442
Lenoir County MIS fax: 252-523-0371
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
