[Shorewall-newbies] NAT issue
Tom Eastep
teastep at shorewall.net
Fri Jan 23 14:32:54 PST 2004
On Friday 23 January 2004 02:24 pm, Sakthivel Subramanian wrote:
> Tom,
>
> I added a rule to allow LDAP from loc->fw and routeback to loc interface
> that took care of my issue.
>
> In FAQ 2A, you are suggesting
> "Another good way to approach this problem is to switch from one-to-one NAT
> to Proxy ARP."
>
> If I switch to proxy ARP instead of one-to-one NAT, will I still be able to
> control traffic to the server by adding specific rules in the
> Shorewall/rules file.
Yes, but ProxyARP works best when the server(s) is/are on its/their own LAN
segment. See the Shorewall Setup Guide
(http://www.shorewall.net/shorewall_setup_guide.htm) or My own configuration
(http://www.shorewall.net/myfiles.htm).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies
mailing list