Hi,
I have the following setup:
external_net_1 \
                firewall ---- internal_net
external_net_2 /
The machine on the internal_net only has one IP address (in this case
193.72.186.6, could be e.g. 192.168.x.x), but must be reachable from the
outside as: 62.2.159.14 and 194.38.85.209.
The firewall has addresses 62.2.159.15, 194.38.85.206 and 193.72.186.15
(again, this one could have been 192.168.x.x).
[ http://www-internal.alphanet.ch/~schaefer/nf_firewall/firewall.eps
for the graphical version
]
The machine on the internal_net cannot do any special tricks. It must
receive all packets to 193.72.186.6 (the from can be an external address).
Now, the firewall must remember what was the incoming address (62.2.159.14
or 194.38.85.209) and re-NAT it accordingly when it goes out, and send it
on the correct outgoing interface.
So far I have problems making the SECOND thing work (i.e. it works for
62.2.159.14, but not for the other: the address is correctly NATed
according to tcpdump -i external_net_2 -n, but does not ever reach the
inside).
You can look at the scripts and graphics at:
http://www-internal.alphanet.ch/~schaefer/nf_firewall/
If you have any idea or hint, please do :)
I will try to debug this more, but I wanted to know if what I want is at
all possible.
Thanks for any ideas.
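
Added example, not part of the original post or the poster's scripts: one common way to get the behaviour described above, using netfilter connection marks plus policy routing. The interface names, the gateway placeholders and the mark/table numbers 1 and 2 are assumptions; the script only prints the commands so they can be reviewed before being applied as root.

```sh
#!/bin/sh
# Added example: per-uplink DNAT with replies routed back out the uplink
# the connection came in on. Prints commands; it does not apply them.
IF1=eth0                   # external_net_1 interface (assumed name)
IF2=eth1                   # external_net_2 interface (assumed name)
IFI=eth2                   # internal_net interface (assumed name)
GW1=GW_EXT1_PLACEHOLDER    # upstream gateway on external_net_1 (not on the page)
GW2=GW_EXT2_PLACEHOLDER    # upstream gateway on external_net_2 (not on the page)
INSIDE=193.72.186.6        # internal machine, from the post

# uplink_rules IFACE PUBLIC_ADDR GATEWAY ID
# ID is used both as the connection mark and as the routing table number.
uplink_rules() {
    cat <<EOF
iptables -t mangle -A PREROUTING -i $1 -d $2 -m conntrack --ctstate NEW -j CONNMARK --set-mark $4
iptables -t nat -A PREROUTING -i $1 -d $2 -j DNAT --to-destination $INSIDE
ip route add default via $3 dev $1 table $4
ip rule add fwmark $4 table $4
sysctl -w net.ipv4.conf.$1.rp_filter=2
EOF
}
# Notes on the lines above:
#  - mangle PREROUTING runs before nat PREROUTING, so -d still matches the
#    public address and the mark records which uplink the connection used.
#  - conntrack reverses the DNAT on replies by itself; only the choice of
#    outgoing interface needs the fwmark rule and the per-uplink table.
#  - strict reverse-path filtering (rp_filter=1) drops packets that arrive on
#    an uplink the main routing table would not use for the sender; loose
#    mode (2) keeps the check without that drop.

emit_rules() {
    uplink_rules "$IF1" 62.2.159.14   "$GW1" 1
    uplink_rules "$IF2" 194.38.85.209 "$GW2" 2
    # Replies from the inside host: copy the connection mark onto the packet
    # before the routing decision so the matching "ip rule" selects the uplink.
    echo "iptables -t mangle -A PREROUTING -i $IFI -s $INSIDE -j CONNMARK --restore-mark"
}

emit_rules
```

Connections the inside machine opens itself carry no connection mark, so they keep following the main routing table.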