[ale] DNAT question.

Chris Fowler cfowler at outpostsentinel.com
Tue Sep 22 14:46:45 EDT 2009


I have a situation where I want to access remote devices and I think
dnat is the answer.



I have many devices installed on remote networks that VPN back to a
server running CentOS 5.X.  The subnet on this VPN network is
10.0.5.0/24.  The server is 10.0.5.1 and each device is
10.0.5.2,3,4,... 

In the past if I wanted to access 192.168.5.5 on the remote network I
would set up MASQ where on my device eth0 is considered the public and
the VPN connection to me is considered the private.  On the server I add
192.168.5.5/32 -> 10.0.5.2.  This works great but in some cases
192.168.5.5 is at every site!  My idea is to use DNAT on my device
running 2.4.X kernel to map 10.0.6.2 to 192.168.5.5. that is accessible
over eth0 of the local lan there.  

What issues will I run into?  

Chris




More information about the Ale mailing list