incoming services using masquerade

incoming services using masquerade

Post by John Croo » Wed, 21 May 1997 04:00:00



We've got two networks, they are connected using a Cisco 4000 router.
Between net 1 and the Cisco router we've got a linux firewall.
All we do at this router is masquerading. We can get from net 2 to net 1
but not from net 1 to net 2.
I've read that this had to do with the incoming services. We don't want
to use the firewall for security reasons but just for masquerading.
How do I make this to work !

Thanx

 
 
 

incoming services using masquerade

Post by Rodney van den Oev » Mon, 09 Jun 1997 04:00:00



>We've got two networks, they are connected using a Cisco 4000 router.
>Between net 1 and the Cisco router we've got a linux firewall.
>All we do at this router is masquerading. We can get from net 2 to net 1
>but not from net 1 to net 2.
>I've read that this had to do with the incoming services. We don't want
>to use the firewall for security reasons but just for masquerading.
>How do I make this to work !

This is a problem (or feature depending on where you stand) with
masquerading. Because it translates many to one, you can't map
incoming sessions to static internal addresses.

You would have to enable proxy servers like the TIS plug-gw for
specific services.

If you need to map many-2-many addresses consider using the
4000-router with 11.2 software (includes NAT).