Solved

NAT entire network

Posted on 2008-10-23
3
314 Views
Last Modified: 2013-12-16
Local network = 172.20.1.0/24
Needs to NAT to = 192.168.76.0\24
Example 172.20.1.15 needs to be nat'd to 192.168.76.15.

I'm just curious what config file I need to use in Shorewall to accomplish this and how it would look.  Thanks in advance for your help.
0
Comment
Question by:MainStaySolutions
  • 2
3 Comments
 
LVL 4

Accepted Solution

by:
larsga earned 500 total points
ID: 22790328
Might the following be of help?
http://www.shorewall.net/NAT.htm

That article is a bit old, but if current shorewall behaves the same, it would be something like:

/etc/shorewall/nat

#EXTERNAL       INTERFACE         INTERNAL      ALL INTERFACES     LOCAL
192.168.17.1     eth0                172.20.1.1          no                    no
192.168.17.2     eth0                172.20.1.2          no                    no
192.168.17.3     eth0                172.20.1.3          no                    no

Repeat for all addresses needing 1:1 nat.
0
 

Author Comment

by:MainStaySolutions
ID: 22790402
I was trying to sway away from nat'ing  individual addresses, and did find a fix for it.  I put this in my /etc/shorewall/masq file and it seems to have worked, but I still have some testing to do.  Thanks for your response.

#INTERFACE              SUBNET          ADDRESS         PROTO   PORT(S) IPSEC
eth4    eth1
eth2:!192.168.76.0/24   eth1
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
0
 

Author Closing Comment

by:MainStaySolutions
ID: 31509368
Thanks for your quick response.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now