Date:      Mon, 12 Mar 2018 14:27:43 +0100
From:      Rick van der Zwet <info@rickvanderzwet.nl>
To:        freebsd-pf@freebsd.org
Subject:   NAT possible with single interface box?
Message-ID:  <f6c9dffed567fdf0218ae34fc3097062@rickvanderzwet.nl>

Hi,

Could NAT translation be done with a single interface system without the 
use of VLANs?

I have a rather odd (simplified) network configuration:
   - single interface system (Router) which has two private IP addresses 172.16.0.10/24 and 192.168.1.10/24.
   - The gateway (to the internet) is found at 192.168.1.1
   - The Client with IP 172.16.0.20/24
The Client (cannot be modified) is supposed to connect to the internet 
via the Router.


My pf rules on Router are:
   nat on sis0 inet proto tcp from 172.16.0.0/24 to !172.16.0.0/24 -> 192.168.1.10


Router is configured to allow routing:
   net.inet.ip.forwarding=1


pf.conf(5) tells me it will do translation on pass-through packets:
      Translation rules apply only to packets that pass through the specified
      interface, and if no interface is specified, translation is applied to
      packets on all interfaces.


Looking at tcpdump of the router, I do not see packages being translated, 
only being forwarded, which leaves me wondering: could this be done 
at all?

Best regards,
-Rick