NAT possible with single interface box?
Rick van der Zwet
info at rickvanderzwet.nl
Mon Mar 12 13:27:52 UTC 2018
Hi,
Could NAT translation be done with a single interface system without the
use of VLANs?
I have a rather odd (simplified) network configuration:
- single interface system (Router) which has two private IP addresses
172.16.0.10/24 and 192.168.1.10/24.
- The gateway (to the internet) is found at 192.168.1.1
- The Client with IP 172.16.0.20/24
The Client (cannot be modified) is supposed to connect to the internet
via the Router.
My pf rules on Router are:
nat on sis0 inet proto tcp from 172.16.0.0/24 to !172.16.0.0/24 -> 192.168.1.10
Router is configured to allow routing:
net.inet.ip.forwarding=1
pf.conf(5) tells me it will do translation on pass-through packets:
    Translation rules apply only to packets that pass through the
    specified interface, and if no interface is specified, translation
    is applied to packets on all interfaces.
Looking at tcpdump on the router, I do not see packages being translated,
only being forwarded, which leaves me wondering: could this be done
at all?
Best regards,
-Rick
More information about the freebsd-pf mailing list