Hi Andreas, Andreas Günther schrieb am 04.10.2019 08:41 (GMT +02:00):
> Hi, > > I want to use IPv6 addresses externally and IPv4 with 192.168.1.0/24 > internally on virtual machines in an internal network. <SNIP> > 2) How do I do port forwarding or NAT for e.g. SMTP on incoming > 2a03: 6500: 5ca: 45a :: 3 to 192.168.1.3 > so that I get SSH and SMPT from the outside (IPv6) to inside (IPv4)? I can't answer your question directly as I don't have any experience with NAT64 mechanisms. But what I found pretty easy to set up is IPv6 NAT. I have one machine that does not get a larger global IPv6 prefix that it could use to assign addresses to downstream (virtual) interfaces. So instead I use unique local unicast addresses (ULA fd00::/8) for the downstream interfaces and NAT to translate between the global 2000::/3 addresses and the internal fd00::/8 addresses. That works quite well and the same way as IPv4 NAT in shorewall. A rule in /etc/shorewall6/snat might look like this (where "enp1s0" is your external interface): MASQUERADE fd1a:2401:185a:ea93::/64 enp1s0 And then you'd have to configure port forwarding just like IPv4. Maybe this helps. Cheers, Timo _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
