Stefan Lindecke <(E-Mail Removed)> wrote:
> Following problem: I have two gateways in my company, both working with
> NAT. The standard gateway is 192.168.0.99.
> Static routing works for subnets going over 192.168.0.1.
> But sometimes it's necessary that some PCs using net services (http, nntp
> and so on) route through the NON-standard gateway
....
> Can someone help me? I've tried it with SNAT, DNAT, PREROUTING, but no
> chance to change the standard gateway for this connection.....
I would rearrange the topology(1) a little bit:

 Internet line 1                        Internet line 2
        |                                      |
-----------------     10.0.0.99/24     -----------------
|  default gw   |----------------------|   cisco vpn   |
| 192.168.0.99  |                      |  10.0.0.1/24  |
|      NAT      |                      |      NAT      |
-----------------                      -----------------
        |
    INTRANET
  192.168.0.1/24

Then use iptables' filter marks and iproute2's policy routing
features.
http://lartc.org/howto/lartc.netfilter.html should
get you into the right direction.
1) Of course this scenario needs another NIC but it offers you IMO
all options and is the cleaner approach. The advantages are:
you only have one (default) gw on the intranet boxes and you
can easily control the access to the Internet just in one
place on the default gateway.
HTH
Ciao, Horst
--
»When pings go wrong (It hurts me too)« E.Clapton/E.James/P.Tscharn
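
Added example, not part of the post above: one way the suggested combination of iptables marks and iproute2 policy routing could look on the default gateway of the rearranged topology. The interface names (eth0, eth2), the mark value 2 and the table number 102 are assumptions; the addresses and services come from the thread.

```shell
#!/bin/sh
# Added example: route selected services via the second gateway by
# firewall mark. Run on the default gateway (192.168.0.99 / 10.0.0.99).
# Assumed, not from the post: eth0/eth2, mark 2, routing table 102.
LAN_IF=eth0            # intranet side, 192.168.0.0/24
LINK_IF=eth2           # the extra NIC on the 10.0.0.0/24 link
LINK_IP=10.0.0.99      # this box on the link network
ALT_GW=10.0.0.1        # second gateway ("cisco vpn" box in the diagram)
MARK=2
TABLE=102
PORTS=80,119           # http, nntp

# Print the commands one per line so they can be reviewed before use.
policy_route_cmds() {
    # 1. Mark the selected services as they arrive from the intranet.
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -s 192.168.0.0/24 -p tcp -m multiport --dports $PORTS -j MARK --set-mark $MARK"
    # 2. Separate routing table whose default route is the second gateway.
    echo "ip route add default via $ALT_GW dev $LINK_IF table $TABLE"
    # 3. Marked packets consult that table instead of the main one.
    echo "ip rule add fwmark $MARK table $TABLE"
    # 4. Source-NAT onto the link address so replies come back to this box.
    echo "iptables -t nat -A POSTROUTING -o $LINK_IF -m mark --mark $MARK -j SNAT --to-source $LINK_IP"
    # 5. Strict reverse-path filtering would drop those replies, because
    #    the main table reaches their source via the other uplink; use
    #    loose mode on the link interface only.
    echo "sysctl -w net.ipv4.conf.$LINK_IF.rp_filter=2"
}

# "print" shows the commands; "apply" runs them (as root) and stops at
# the first failure. With no argument the script does nothing.
case "${1:-}" in
    print) policy_route_cmds ;;
    apply) policy_route_cmds | sh -e ;;
esac
```

Because every intranet host keeps 192.168.0.99 as its only gateway, the set of ports in the mangle rule is the single place where access through the second line is granted or withdrawn.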