Is it possible to have two different 1to1 NAT entries for the same local address? If I understand what 1to1 NAT does, I don''t think it is, but I need to figure out a way to make it work. Here''s the setup: eth0 --> net 12.22.206.XX eth1 --> net 66.14.6.XX eth2 --> loc 192.168.2.1 Say one of the local machines (192.168.2.100) is a windows terminal server. I would like to be able to RDC into BOTH 12.22.206.100 and 66.14.6.100 to get the the same local IP 192.168.2.100. Currently I am trying just two entries in the nat file for the same local IP. Only 1 of the 2 entries is working (well, the local IP works internally just fine too). Is what I''m trying to do possible? Any help would be much appreciated. ~Jonathan Gnagy ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
Jonathan Gnagy wrote:> Is it possible to have two different 1to1 NAT entries for the same local > address? If I understand what 1to1 NAT does, I don''t think it is, but I > need to figure out a way to make it work. Here''s the setup: > > eth0 --> net 12.22.206.XX > eth1 --> net 66.14.6.XX > eth2 --> loc 192.168.2.1 > > Say one of the local machines (192.168.2.100) is a windows terminal > server. I would like to be able to RDC into BOTH 12.22.206.100 and > 66.14.6.100 to get the the same local IP 192.168.2.100.Why don''t you just use DNAT rules rather than 1-to-1 NAT? -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote:> Jonathan Gnagy wrote: >>Is it possible to have two different 1to1 NAT entries for the same local >>address? If I understand what 1to1 NAT does, I don''t think it is, but I >>need to figure out a way to make it work. Here''s the setup: >> >>eth0 --> net 12.22.206.XX >>eth1 --> net 66.14.6.XX >>eth2 --> loc 192.168.2.1 >> >>Say one of the local machines (192.168.2.100) is a windows terminal >>server. I would like to be able to RDC into BOTH 12.22.206.100 and >>66.14.6.100 to get the the same local IP 192.168.2.100. > > Why don''t you just use DNAT rules rather than 1-to-1 NAT? >I''m assuming that you have already configured the two net interfaces as described at http://www.shorewall.net/Shorewall_and_Routing.html#id2857822 In theory, there should be no problem with using two one-to-one NAT rules for the same local IP if you have your system configured as shown in that article but I have not personally tried it (I have tried proxy ARP via one interface and DNAT through the other and verified that that combination works). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key