Shorewall users - Apr 2003 - SNAT?

Suppose i want a two legged shorewall, on in 10.0.124.x and one leg in
192.168.221.x

I want the system 10.0.124.7 to be able to contact 192.168.221.7, but I
want announce the 192.168.221.7 system on the address 10.0.124.98

Is this a straight NAT? Or do I need to do more? Do I need to proxyarp? 

What do I need? (part from vacation)

Hi Jan,

On Fri, 25 Apr 2003 16:31:55 +0200, Jan Johansson <jan.johansson@nwl.se> 
wrote:
> Suppose i want a two legged shorewall, on in 10.0.124.x and one leg in
> 192.168.221.x
>
> I want the system 10.0.124.7 to be able to contact 192.168.221.7, but I
> want announce the 192.168.221.7 system on the address 10.0.124.98
>
> Is this a straight NAT? Or do I need to do more? Do I need to proxyarp?
>
> What do I need? (part from vacation)
You have two choices:

a) DNAT -- hosts in 10.0.124.0/24 connect to 10.0.124.98 and the connection 
is forwarded to 192.168.221.7. If 192.168.221.7 connects to a host in 
10.0.124.0/24, the connection will look like it comes from 192.168.221.7.

b) Static NAT -- hosts in 10.0.124.0/24 connect to 10.0.124.98 and the 
connection is forwarded to 192.168.221.7. If 192.168.221.7 connects to a 
host in 10.0.124.0/24, the connection will look like it comes from 
10.0.124.98.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://www.shorewall.net
Washington USA  \ teastep@shorewall.net

>b) Static NAT -- hosts in 10.0.124.0/24 connect to 10.0.124.98 and the 
>connection is forwarded to 192.168.221.7. If 192.168.221.7 connects to
a 
>host in 10.0.124.0/24, the connection will look like it comes from 
>10.0.124.98.
That is what I want then. Many thanks.

Uhm, can anyone see any problems in getting an ODBC connection to work
over such a NAT?