2,187
edits
(→User Accounts: Added user) |
(→NAT: Added Source NAT and pdf link) |
||
Line 149: | Line 149: | ||
=== NAT === | === NAT === | ||
To allow masquerade NAT, out through eth0, from multiple inside addresses out through the router's outside interface address | For full details see http://www.vyatta.com/sites/vyatta.com/files/pdfs/Vyatta_NATRef_R6.2_v01.pdf | ||
To allow '''masquerade NAT''', out through eth0, from multiple inside addresses out through the router's outside interface address | |||
<pre> | <pre> | ||
set service nat rule 10 type masquerade | set service nat rule 10 type masquerade | ||
Line 157: | Line 159: | ||
</pre> | </pre> | ||
To allow destination NAT, into the router, presenting machines on the inside, to the outside world | To allow '''destination NAT''', into the router, presenting machines on the inside, to the outside world | ||
<pre> | <pre> | ||
set interfaces ethernet eth0 address 192.168.1.20/24 | set interfaces ethernet eth0 address 192.168.1.20/24 | ||
Line 168: | Line 170: | ||
set service nat rule 20 protocol all | set service nat rule 20 protocol all | ||
</pre> | </pre> | ||
To allow '''source NAT''', going out from the router, so that machines on the inside, pick up external addresses as they communicate to the outside world | |||
<pre> | |||
set service nat | |||
set service nat rule 1020 description InsideServerName | |||
set service nat rule 1020 type source | |||
set service nat rule 1020 inbound-interface eth0 | |||
set service nat rule 1020 source address 10.1.1.20 | |||
set service nat rule 1020 outside-address address 192.168.1.20 | |||
set service nat rule 1020 protocol all | |||
</pre> | |||
To configure '''bidirectional NAT''', whereby machines on the inside appear to the outside world by the same address for traffic initiated from either outside or inside the router just combine both source and destination NAT configuration. | |||
== Troubleshooting == | == Troubleshooting == |