I would say to get rid of the cisco box and put a linux box with IPSEC between the 2 networks... that's what I did with my 1700 ;) It became redundant once I got RedHat 7.1 onto the firewall and used DNAT/SNAT.... the router become just a router and wasted an external IP... PS: Got confused with your ascii art. too early in the morning for me.. ;) Thanks, ____________________________________________ George Vieira Systems Manager georgev@xxxxxxxxxxxxxxxxxxxxxx Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au -----Original Message----- From: edgar bautista [mailto:edgar_bautista@xxxxxxxxxxx] Sent: Wednesday, June 04, 2003 3:08 AM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Configuration problem.. >>Hi there!! >>I´ve got the next configuration, so let me try to explain my ascii art. >> >>In city A I´ve on my netwok 1 the IP´s 192.1.x.1/24 >>The 1760 Router has the ip 192.1.x.254 >>In this side I use a red hat 8.0 with nat and i use it to give >>internet access to some pc´s in Network 1 using : IPTABLES -T NAT >>-A POSTROUTING -O ETH1 -J MASQUERADE -S WS_IPADDRESS -D 0.0.0.0/0 >>In the linus box I´ve got 2 Nic´s with the addresses 174.19.4.7 the >>internal nic and the other with the ip adderess 174.19.4.1 the >>external directly connected to the modem. >>Everythig works fine I`ve got internet service in Network 1 in City A. >> >> >>The Goal here is to give internet service to Nerwork 2 using this >>structure. >>In Network 2 ( City 2 ) the ip addresses have the form 192.1.y.1/24 >>The router has the address 192.1.y.254 >> >>When I try to make ping from any station from Network1 to Network2 >>I`ve got a response but if a try to make a ping from Network 2 to >>Netwok 1 I just can get a response from any station except when I >>try to ping to the Linux Box where the Nat resides so I can configure my >>clients in Network2 as I did cause they need to "see"the linux box. >> >>Can some one help me to perform this? or maybe the cuestion should be.... >>is this configuration posible? >> >>Another question is about how to configure my clients in Network 2 to >>provide internet access, do you belive that this configuration using the >>cisco has problems? >> >>Just in Network 1 I´ve got a NT 4.0 using wins and in network 2 >>I´ve no serves of any kind just the routers an a workstation with just one >>nic. >> >>Is my problem about name resolution? >> >>Thanks a lot. >>Edgar Bautista >> >> CITY A CITY B >>Internet<--¦Adsl Modem¦-¦RH8.0¦---- NET1 NET2 >> ¦ >> ¦ >> HUB >>HUB >> ¦ >> ¦ >> >>CISCO--------------CISCO >> 1760 >>1751 >> > _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
