Solved

NAT entire network

Posted on 2008-10-23
3
329 Views
Last Modified: 2013-12-16
Local network = 172.20.1.0/24
Needs to NAT to = 192.168.76.0\24
Example 172.20.1.15 needs to be nat'd to 192.168.76.15.

I'm just curious what config file I need to use in Shorewall to accomplish this and how it would look.  Thanks in advance for your help.
0
Comment
Question by:MainStaySolutions
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 4

Accepted Solution

by:
larsga earned 500 total points
ID: 22790328
Might the following be of help?
http://www.shorewall.net/NAT.htm

That article is a bit old, but if current shorewall behaves the same, it would be something like:

/etc/shorewall/nat

#EXTERNAL       INTERFACE         INTERNAL      ALL INTERFACES     LOCAL
192.168.17.1     eth0                172.20.1.1          no                    no
192.168.17.2     eth0                172.20.1.2          no                    no
192.168.17.3     eth0                172.20.1.3          no                    no

Repeat for all addresses needing 1:1 nat.
0
 

Author Comment

by:MainStaySolutions
ID: 22790402
I was trying to sway away from nat'ing  individual addresses, and did find a fix for it.  I put this in my /etc/shorewall/masq file and it seems to have worked, but I still have some testing to do.  Thanks for your response.

#INTERFACE              SUBNET          ADDRESS         PROTO   PORT(S) IPSEC
eth4    eth1
eth2:!192.168.76.0/24   eth1
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
0
 

Author Closing Comment

by:MainStaySolutions
ID: 31509368
Thanks for your quick response.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question