Hi all,
I need to do advanced configurations on the RRAS/NAT server on W3K, which I
found out is very limited in packet manipulation...
I have been looking around for quite a while now and couldn’t find anything
that could answer my question.
I have a W3K server with RRAS service enabled and with 2 network cards:
172.16.0.1/24 (private)
11.11.11.1/24 (public) (this interface is connected to another network
directly to 11.11.11.2 --Linux machine-- in a lab environment)
I want to do one-to-one NAT on the public interface by using a fictive
pool like (from 172.16.101.1/24 to 172.16.101.255/24)
to hide the real network from the other side, which is using the same IPs.
Is that doable under W3K?
Real Network (172.16.0.0/24)----------Dummy network (172.16.101.0/24)----------IPSec Tunnel (11.11.11.1---11.11.11.2)----------Dummy network (172.16.100.0/24)----------Real Network (172.16.0.0/24)
I tried it without success, also by making a reservation, e.g. 172.16.101.2
reserved for 172.16.0.2 with the option accept inbound traffic. For outbound
traffic it works just fine and I get a reply on 172.16.101.2 and the reply is
translated. But for inbound traffic the frames are stuck at the public
interface (I can see them in Network Monitor) without being translated, maybe
because I am using a pool with a different subnet than the real address of
the external card, which causes the network card to discard the frame!
I tried this setup on a Linux machine and it worked very smoothly; I used
POSTROUTING with SNAT and PREROUTING with DNAT on the public interface...
Any help on this matter is really appreciated.
Thank you in advance.
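
The Linux setup mentioned at the end of the post, as an added example that is not part of the original post: a script that prints one POSTROUTING/SNAT and one PREROUTING/DNAT rule per host, mapping 172.16.0.N to 172.16.101.N. The interface name eth1 and the function names are assumptions; the script only prints the iptables commands and does not change any firewall state.

```shell
#!/bin/sh
# Added example: prints the rule pairs for a one-to-one NAT mapping so they can
# be reviewed before being applied. Nothing here touches the running firewall.

REAL_PREFIX="172.16.0"     # real network 172.16.0.0/24 (from the post)
POOL_PREFIX="172.16.101"   # fictive pool 172.16.101.0/24 (from the post)
PUB_IF="eth1"              # assumption: name of the public interface

# valid_host N: succeed only if N is a usable host number in a /24 (1..254).
# Empty input, non-digits and leading zeros are rejected.
valid_host() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 254 ] 2>/dev/null
}

# nat_pair N: print the outbound (SNAT) and inbound (DNAT) rule for host N.
nat_pair() {
    valid_host "$1" || { echo "invalid host number: $1" >&2; return 1; }
    # Outbound: rewrite the real source address to its pool address.
    echo "iptables -t nat -A POSTROUTING -o $PUB_IF -s $REAL_PREFIX.$1 -j SNAT --to-source $POOL_PREFIX.$1"
    # Inbound: rewrite the pool destination address back to the real host.
    echo "iptables -t nat -A PREROUTING -i $PUB_IF -d $POOL_PREFIX.$1 -j DNAT --to-destination $REAL_PREFIX.$1"
}

# nat_range FIRST LAST: print rule pairs for every host from FIRST to LAST.
nat_range() {
    valid_host "$1" && valid_host "$2" && [ "$1" -le "$2" ] || {
        echo "invalid range: $1-$2" >&2
        return 1
    }
    n=$1
    while [ "$n" -le "$2" ]; do
        nat_pair "$n"
        n=$((n + 1))
    done
}

# The host used in the post: 172.16.0.2 <-> 172.16.101.2
nat_pair 2
```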