[Shorewall-users] Routable Adresses on Private LAN (WAS: AD-Filter?)
Sat, 12 Jan 2002 15:42:15 -0600 (CST)
Sorry for incorrect title. I used reply, and thought I had changed it :/
It something is also freaking out on my end...I have 6 copies of my original
message forwarded back to me...
----- Forwarded message from email@example.com -----
I am in the process of setting up a firewall to protect a range of 128 routable
addresses. They need to be routable because of this client's need to access
multiple-vendor VPN systems, using both client-to-subnet connections and
to-subnet connections, mostly in aggressive mode; thus, likely to be broken by
NAT. The documentation and my web searches have shown little in they way of
example configurations, and not much general discussion on the approach. I
realize the NAT'd private address approach is more prevalent, but I'd
appreciate some background perspective from anyone has implemented such a
1. Are there any example configurations around for this type of setup?
2. Is the implementation simply a matter of leaving the NAT settings off and
supplying the proper internal range?
3. Are any additional/different rules necessary or advisable in such a system?
4. Any other issues a relative newcomer should be aware of, or background docs
anyone might point me to?
----- End forwarded message -----