This is a discussion on Iptables: How do I forward public IPs into a router inside a private IP network? within the Linux Networking forums, part of the Linux Forums category.
Hello

I have the following 10.0.0.0/8 Linux network behind a linux firewall. I am using iptables/NAT-MASQ (via arno's firewall script) to do port forwarding to the WWW, e-mail, etc. servers off one IP. All that works well.

My problem is that I now have to provide internet access into an internal router that is a gateway to a 10.0.0.0/8 network. I have more public IPs so I hope there is some way to forward, tunnel or bridge to do this.

WWW<-->
(eth0)[Firewall](eth1)<-->(eth0)[WWW Server](eth1)
<--> Internal Network <--> router
<--> customer 10.0.0.0/8 network.

In the internal network I have a dial on demand router that is also doing NAT 10.0.0.0/8. The customer would prefer not to renumber.

-----------

The Masquerade HOW TO kinda talks about doing this with iptables. Does anybody have an idea that I could try?

Thank You
Stephen Hurrell <shurrell@tbpl.thunder-bay.on.ca> wrote:

> I have the following 10.0.0.0/8 Linux network behind a linux firewall.
> I am using iptables/NAT-MASQ (via arno's firewall script) to do port
> forwarding to the WWW, e-mail, etc. servers off one IP. All that works
> well.
>
> My problem is that I now have to provide internet access into an
> internal router that is a gateway to a 10.0.0.0/8 network. I have more
> public IPs so I hope there is some way to forward, tunnel or bridge to
> do this.

Hm, are you saying that you currently have only WWW and email access for your internal network via proxy server(s) to the Internet, and now you want full-blown Internet access for the internal network?

> WWW<-->
> (eth0)[Firewall](eth1)<-->(eth0)[WWW Server](eth1)
> <--> Internal Network <--> router
> <--> customer 10.0.0.0/8 network.
>
> In the internal network I have a dial on demand router that is also
> doing NAT 10.0.0.0/8. The customer would prefer not to renumber.

I'm still confused about your current network setup. You also gave too little information about the IP addresses and netmasks.

Is the "Internal Network" above a real network or is it just a description that from here on your internal net begins?

You talk about an internal router and a dial on demand router above; are these two routers or are you talking about the same one? What sense does it make to have a dial on demand router in an internal network? Do you have two direct connections to the Internet, one via the Firewall and a second one via your dial on demand router?

You see, still lots of confusion here on my side. :-)

I guess you need to better explain and give more information about your current setup and about what you want to achieve.

Ciao,
Horst
--
»When pings go wrong (It hurts me too)« E.Clapton/E.James/P.Tscharn