Austin, Michael H POJ writes:
> With that cleared up I'd like to ask a question about using SKIP
> with FreeBSD NAT. I've read postings about SKIP and NAT but have
> yet to find one that answers my question:
>
> Can SKIP and NATD work together to provide internet access to
> private LANs/WANs?
I doubt NATD can translate SKIP packets. However, your setup
doesn't make sense to me...
> Private LAN <--> FreeBSD SKIP <--> Router <--> Company WAN <-->
> Router <--> FreeBSD SKIP <--> Internet
What two networks are you trying to tunnel between? Or, who is the
bad guy you're trying to enrypt packets from so they can't read them?
The networks behind tunnel SKIP routers are connected, and the rest
of the Internet is connected, but if you want the two to be connected
and your SKIP networks use private IP addresses, you need a third
router (or at least a different route) doing the address translation..
so NATD and SKIP would be invisible to each other.
For example:
192.168.1.0/24 <-> SKIP <-> any IP network <-> SKIP <-> 192.168.2.0/24
Then, independently, you can add a route from the private nets to the
real Internet using natd:
192.168.1.0/24 <-> SKIP <-> any IP network <-> SKIP <-> 192.168.2.0/24
^
| default route using natd
v
Internet
The problem is if you're running SKIP and natd on the same machine,
it can get confusing. If you can run them on separate interfaces
it should work.
-Archie
___________________________________________________________________________
Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
