I have an Astaro with four additional IP-addresses on the external interface. (total 5 IP-addresses on that interface)
Each of the four IP-addresses is dnat:ed to separate internal networks with their own internal physical interface.
I also have one VPN connection to all internal networks.
My problem is when a machine on a internal network makes a socket connection. When connection to the internet the internal source IP-address has to be translated to the representative external IP-address.
One solution is to use snat, but when connection through the VPN-tunnel, no snat should be done! Only when connection to the Internet.
Another solution is to user masquerading on the external interface, but it wont work becasue Astaro is using the "main" external IP-address when using masquerading , I cannot select a additional IP-address on the external interface when using masquerading.
Does anybody have a solution?
This thread was automatically locked due to age.
