This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SNAT exception config?

I want configure SNAT exception, that -
our network has two segment like this:
Internal: 10.0.0.0/8
DMZ:172.16.0.0/16

Internal boxes go out to the internet using SNAT like this configure:
internal_Network__ -> All / All THE_GLOBAL_IP None
But I want to internal boxes access to the DMZ machenes on [no translation].

Can Anyone confugure this situation?

This thread was automatically locked due to age.

Parents

0 cyclops over 22 years ago

una,

isn't that the default? Masquerading on the external interface translates only packets leaving this particular interface.

Greetings
cyclops
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 cyclops over 22 years ago

una,

isn't that the default? Masquerading on the external interface translates only packets leaving this particular interface.

Greetings
cyclops
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 una over 22 years ago in reply to cyclops

Thanks, your reply, cyclops.

My external interface's IP only use in ROUTING, and different from my showing global IP.

topology:
Code:

  
+----------------+
|      router    |
+----------------+
     | 210.103.137.29/30
     |
     |
     | 210.103.137.30/30(Public Interface's IP)
+----------------+
|      ASL       |
|210.103.136.0/24|
+----------------+
 | 10.0.0.1/8 | 172.16.0.1/16
 |            |
 |            |
+---------+  +------------+
|Internal |  |     DMZ    |
+---------+  +------------+

I want go out on 210.103.136.1.
So, I can't use MASQ.
I'm using SNAT.