On Thu, Nov 07, 2002 at 09:00:07PM -0500, Kevin Coyner wrote......
> <snip>
> > Oh! Oh! Oh! The router doesn't know about the 10.0.0.0 network. It
> > needs a static route to 192.168.2.150 to reach the 10.0.0.0/24
> > network. That's why! The traffic leaves fine, the router doesn't
> > know where to send the responding traffic to reach 10.0.0.?.
> >
> So does this mean I need to set up NAT/Masquerading on the proxy box
> 192.168.2.150/10.10.10.10? In that way it will be hiding/translating
> all of the 10.0.0.0 network clients from the router ...?
>
> Hmmmmm ... maybe getting close.

Solved !!!

Thanks much Jeff for helping out and getting me on the right path. It's as you suspected, the router didn't know about the 10.0.0.0 network so I had to have the proxy server sumida do NAT in order to convert from the 192.168.2.0 network to the 10.0.0.0 network. Probably obvious to some, but not to me in my first attempt at this.

Since I've had my router assign a fixed IP of 192.168.2.150 to sumida's first NIC, I've gone with SNAT for the setup. And once that was decided, the key entry for iptables was ...

    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to ${NAT}

... with $NAT being 192.168.2.150 (the NIC connection to the internet).

Again, thanks for your help.

Kevin

--
Kevin Coyner  mailto: [EMAIL PROTECTED]
GnuPG key: 1024D/8CE11941
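
Added example (not part of the original messages): a small Python model of the return path discussed in this thread, comparing no fix, the static route suggested in the quoted reply, and the SNAT rule. The client 10.0.0.5 and the server 203.0.113.10 are constructed sample hosts, and the function and constant names are hypothetical.

```python
import ipaddress

# Addresses from the thread; CLIENT and SERVER are constructed sample hosts.
LAN = ipaddress.ip_network("192.168.2.0/24")         # network the router knows
SUMIDA_ETH0 = ipaddress.ip_address("192.168.2.150")  # sumida's router-facing NIC
CLIENT = ipaddress.ip_address("10.0.0.5")            # constructed inside client
SERVER = ipaddress.ip_address("203.0.113.10")        # constructed internet host

# The alternative fix from the quoted reply: 10.0.0.0/24 via 192.168.2.150.
STATIC_ROUTE = [(ipaddress.ip_network("10.0.0.0/24"), SUMIDA_ETH0)]


def router_next_hop(dst, static_routes=()):
    """Longest-prefix match on the router for a reply's destination address."""
    routes = [(LAN, "on-link")] + list(static_routes)
    matches = [(net, hop) for net, hop in routes if dst in net]
    if not matches:
        return None  # only the default route is left: reply goes upstream, lost
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def round_trip(snat, static_routes=()):
    """Send CLIENT -> SERVER through sumida and the router, then route the reply.

    Returns (source address the router sees, host that receives the reply).
    """
    conntrack = {}
    src = CLIENT
    if snat:
        # Models: iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.2.150
        conntrack[(SUMIDA_ETH0, SERVER)] = CLIENT
        src = SUMIDA_ETH0
    hop = router_next_hop(src, static_routes)  # the reply is addressed to src
    if hop is None:
        return str(src), None
    # The reply reaches sumida, either on-link (SNAT) or as the static route's
    # gateway; conntrack restores the client address when SNAT rewrote it.
    return str(src), str(conntrack.get((src, SERVER), src))


if __name__ == "__main__":
    print("no fix      :", round_trip(snat=False))
    print("static route:", round_trip(snat=False, static_routes=STATIC_ROUTE))
    print("SNAT        :", round_trip(snat=True))
```

With SNAT the router only ever sees 192.168.2.150 as the source, so per-client attribution of 10.0.0.0/24 traffic has to come from logs on sumida itself.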