Hi!
Progress is much better now with my new install with not many problems left!
I just have a simple - I hope - question.
I have a few users that need access to the net via masquerade rules. The rest
have to go via squid on the firewall. That all works well.
I also have two windows servers that also need access to the net but they have
to each use a specific outgoing ip address.
I add two snat rules to the masq file.
Then I got a bit confused yet again. I get confused quite easily when trying
to implement new stuff and support crying customers and fools with isa things.
What I did was exclude the two internal ip addresses in the masq rule like
this with the snats below. (Does not quite do what I expected!)
# The masq rules. eth1(2) is the new wireless ISP connection - still
#needs work and testing
# eth1 is internet facing eth0 is local lan
eth1(1)
192.168.9.146,192.168.9.113,192.168.9.114,192.168.9.124!
\192.168.9.250,192.168.9.4 196.17.238.74
eth1(2) 192.168.10.0/24 172.21.1.2
# Do the snats!
eth0 192.168.9.250 196.17.238.76
eth0 192.168.9.4 196.17.238.77
So the question is. do I need to negate the 9.250 and 9.4 servers from the
masq list.
Right now I have the two snat rules commented out and the 9.250 and 9.4
servers in the masq list - I changed the ! to a , and although 9.250 is going
out on the wrong ip address it''s now a train smash yet. The programs
that need
the special ip''s only run now and again and are not madly critical.
Cheers
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Jesus Loves You!
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
