[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Routing private networks



Perfect!  I got it working
Here is the rule
Do I need the 2nd no nat rule or is it just extra and in the way?
WAN  = "xl0"
LAN  = "xl1"
LAN2 = "xl2"
no nat from $LAN to $LAN2
no nat from $LAN2 to $LAN
nat on $WAN inet from 192.168.0.0/24 to any -> ($WAN)
nat on $WAN inet from 10.0.0.0/16 to any -> ($WAN)
Thanks!
--Bryan
----- Original Message ----- 
From: "Srebrenko Sehic" <[email protected]>
To: "Bryan Irvine" <[email protected]>
Cc: <[email protected]>
Sent: Thursday, March 20, 2003 12:59 PM
Subject: Re: Routing private networks
> On Thu, Mar 20, 2003 at 11:02:03AM -0800, Bryan Irvine wrote:
> 
> > no nat on $WAN from $LAN to $DMZ
> > no nat on $WAN from $DMZ to $LAN
> > nat on $WAN inet from $LAN to any -> ($WAN)
> > nat on $WAN inet from $DMZ to any -> ($WAN)
> 
> Packets from $LAN to $DMZ and vice versa, never go across $WAN
> interface. Hence,
> 
> "no nat on $WAN from $LAN to $DMZ" is bogus. It does nothing.
> 
> Try, "no nat from $LAN to $DMZ"
> 
> // haver
> 
>