From owner-freebsd-isp Mon Jul 1 5:27:35 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 75B4037B400 for ; Mon, 1 Jul 2002 05:27:32 -0700 (PDT) Received: from marvin.trident-uk.co.uk (mail.trident-uk.co.uk [195.166.16.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED55B43E0A for ; Mon, 1 Jul 2002 05:27:30 -0700 (PDT) (envelope-from jamie@tridentmicrosystems.co.uk) Received: (from root@localhost) by marvin.trident-uk.co.uk (8.11.1/8.11.1) id g61C7nR63731 for freebsd-isp@freebsd.org; Mon, 1 Jul 2002 13:07:49 +0100 (BST) Received: from JAMIEHECKFORD (wrkstn-68.pe.trident-uk.co.uk [192.168.100.68]) by marvin.trident-uk.co.uk (8.11.1/8.11.1av) with SMTP id g61C7kD63722 for ; Mon, 1 Jul 2002 13:07:47 +0100 (BST) Message-ID: <07f301c220fa$a81d71d0$4464a8c0@JAMIEHECKFORD> From: "Jamie Heckford" To: Subject: VPN and NAT Date: Mon, 1 Jul 2002 13:27:24 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I've been browsing around looking at VPN examples and howtos for FreeBSD, wondering if anyone can give me further insight to the following: Single box that "catches" traffic destined for a certain network and routes it over the VPN link. Incoming traffic from the other VPN is passed through. Any traffic that is not destined for one of the VPN routed networks is NAT'ed. Is it possible to do a: ipfw add divert nat from 192.168.102.0/24 to any except 192.168.105.0/24? And would this still allow the VPN traffic to pass through ok? Ideally I want my VPN and NAT interface to exist on the same IP address, but it to pass the VPN traffic out non-NAT'd. Any help appreciated :) thanks, -- Jamie Heckford Network Manager Trident Microsystems Ltd Tel: 01737 780790 Fax: 01737 771908 http://www.tridentmicrosystems.co.uk *********** This e-mail message contains confidential information for the above addressee only. Any opinion or views contained in this e-mail message are those of the sender and do not necessarily represent those of the Company. Unless otherwise stated this e-mail message is not intended to be contractually binding. E-mail transmission cannot be guaranteed to be secure or error-free and the sender therefore does not accept liability for any errors or omissions in the contents of this message. Trident Microsystems Ltd Group of Companies Perrywood Business Park, Honeycrock Lane, Salfords, Redhill, Surrey, RH1 5JQ Tel: (44) (0) 1737 780790 Fax: (44) (0) 1737 771908 Registered office: Abacus House, Bone Lane, Newbury, Berkshire, RG14 5SF To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message