Of course It Can!
Can NAT Do this? (Bill Harris)
|
With a few tips from Dan Lasley and Michael Hasenstein I have an answer to my question. Yes it certainly can do it.
Dan has done a handy little patch to let Linux do proxy arp on one of the ether cards the way we have always needed to do proxy arp for ppp links. He discusses these in previous forum messages. Dan's situation is far more complicated than mine and once the ipnatadm is running and Dan's arp patch is applied, only 2 lines are required to allow the world through the firewall to the internal NT server. arp -s 206.229.231.17 00:C0:DF:AB:97:3B pub ipnatadm -O -i -b -W eth0 -S 192.168.200.17/32 -M 206.229.31.17/32 This is not a production environment so we won't complicate things worrying about limiting traffic to a specific port or firewall rules at this point. The arp command is less complicated than the one Dan gave me but it does the trick and I think is a bit easier to understand with respect to my drawing. Basically all it does is bind my fake public IP address to the MAC layer address of eth0 on the Linux NAT box. I will be putting this into production with a large company. These folks have a WAN with five locations and they want a system at each location to be accessible from the Internet to select mobile users. They understand that this is alpha code and are excited to be involved. I will let you'all know how it is going. Bill Harris |
Messages
Outline:
Yes and it could be even more simple by Rolf Cronberg, 11/28/97
About the mentioned arp-patch by Michael Hasenstein, 12/03/97
Is there a Router involved? by Bill Harris, 12/14/97
Do you have all routes installed? by Michael Hasenstein, 12/15/97
