Thank you for the reply, Ryan. Yes, unfortunately it does not a linux box, but
D-link IP sharing box. it only shows me IPSEC/PPTP tunnel pass through
options on it. so, it should be passed the ipip or gre packet through
the NAT machine right ?
Thanks in advance.
2007/5/22, Ryan Castellucci <ryan.castellucci@xxxxxxxxx>:
If the firewall is a linux system, you should be able to easily use
DNAT to forward the ipip or gre packets to host 'A'.
Something like...
iptables -t nat -A PREROUTING -i [Firewall's internet facing
interface] -s [Host B's IP] -d [Firewall's public IP] -p ipip -j DNAT
--to-destination [Host A's IP]
I'm not sure if connection tracking will do any of this automatically,
but if it were going to work, A would have to send packets to B over
the tunnel first before B could send to A.
--
Ryan Castellucci http://ryanc.org/
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
On 5/19/07, shetravel <shetravel@xxxxxxxxx> wrote:
> Hi, Does anyone tried to get ipip or gre tunnel behind NAT environments. ?
> i'm trying to make both side tunneling with ipip or gre with private address
> just like belows..
>
>
> A -------------------FIRWWAL -------------------INET ------------------- B
> PRIVATE PUBLIC
> PUBLIC
> (10.100.0.1) (211.xxx.xxx.xxx)
> (211.xxx.xxx.xxx)
>
> is it possible to make both side connections with IPIP or GRE tunnels ?
> thanks in advance.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
