question on NAT for multiple subnets
Ted Mittelstaedt
tedm at toybox.placo.com
Fri Feb 17 14:47:37 PST 2006
>-----Original Message-----
>From: Greg Barniskis [mailto:gregb at scls.lib.wi.us]
>Sent: Friday, February 17, 2006 10:14 AM
>To: Ted Mittelstaedt
>Cc: freebsd-questions
>Subject: Re: question on NAT for multiple subnets
>
>
>Ted Mittelstaedt wrote:
>> I've never done it but I think you can run multiple nat instances
>> and multiple divert sockets, you will have to specify them in the
>> config file to natd, though.
>
>Excellent. That's what I was hoping for. So instead of one "divert
>natd" rule in ipfw, I simply need "divert N", "divert N+1", "divert
>N+2", etc. where N is a port number where I bound my first natd, N+1
>the next natd instance, etc. I think I can manage that.
>
I looked at the man page for natd and they specify the divert port
with -port, and alias address with -alias_address.

You're going to have a bit of trial and error to work this config
out but it shouldn't be that bad. I would love to see it posted
here once you get it working.

Ted

PS: A firewall with a shell that you can actually initiate a telnet
session from knocks a PIX into a cocked hat. And I just love
dealing with a PIX on a network that has multiple gateways on it.
Nothing like the lack of icmp redirects to get you swearing.
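
Added example, not part of the original message: a sketch of the layout discussed above, with one natd per internal subnet, each given its own divert port (-port) and alias address (-alias_address), plus a pair of ipfw divert rules per instance. The script only prints the commands; the addresses, the interface name em0 and the rule numbers are constructed assumptions.

```shell
#!/bin/sh
# Added example: prints (does not run) the natd and ipfw commands for one
# natd instance per internal subnet. All addresses, the interface name and
# the rule numbers are constructed sample values.

# Constructed mapping: divert-port  internal-subnet  public-alias-address
NAT_MAP='8668 192.168.1.0/24 192.0.2.10
8669 192.168.2.0/24 192.0.2.11
8670 192.168.3.0/24 192.0.2.12'

# gen_nat_config IFACE MAP -> command lines on stdout, non-zero on bad input
gen_nat_config() {
    iface=$1
    rule=1000                 # first ipfw rule number (assumption)
    seen_ports=' '
    # a here-document keeps the loop in the current shell so `return` works
    while read -r port subnet alias; do
        [ -n "$port" ] || continue
        case $port in
            *[!0-9]*) echo "bad divert port: $port" >&2; return 1 ;;
        esac
        # two natd processes cannot bind the same divert port
        case $seen_ports in
            *" $port "*) echo "duplicate divert port: $port" >&2; return 1 ;;
        esac
        seen_ports="$seen_ports$port "
        # one natd per subnet, each on its own divert port and alias address
        echo "natd -port $port -alias_address $alias"
        # outbound: only this subnet's traffic is handed to this instance
        echo "ipfw add $rule divert $port ip from $subnet to any out via $iface"
        # inbound: replies sent to this alias go back to the same instance
        echo "ipfw add $((rule + 1)) divert $port ip from any to $alias in via $iface"
        rule=$((rule + 10))
    done <<EOF
$2
EOF
}

gen_nat_config em0 "$NAT_MAP"
```

Matching the inbound rule on the alias address is what keeps each instance's translation table separate; a catch-all "from any to any" divert would send every packet to the first natd.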