> I have the following 10.0.0.0/8 Linux network behind a linux firewall.
> I am using iptables/NAT-MASQ (via arno's firewall script) to do port
> forwarding to the WWW, e-mail, etc. servers off one IP. All that works
> My problem is that I now have to provide internet access into an
> internal router that is a gateway to a 10.0.0.0/8 network. I have more
> public IPs so I hope there is some way to forward, tunnel or bridge to
> do this.
Hm, are you saying, that you currently have only WWW and email
access for your internal network via proxy server(s) to the
Internet, and now you want fullblown Internet access for the
> (eth0)[Firewall](eth1)<-->(eth0)[WWW Server](eth1)
> <--> Internal Network <--> router
> <--> customer 10.0.0.0/8 network.
> In the internal network I have a dial on demand router that is also
> doing NAT 10.0.0.0/8. The customer would prefer not to renumber.
I'm still confused about your current network setup. You also gave
too few information about the IP adrs and netmasks.
Is the "Internal Network" above a real network or is it just
a description that from here on your internal net begins?
You talk about an internal router and a dial on demand router
above, are these two routers or are you talking about the same
What sense does it make to have a dial on demand router in
an internal network? Do you have two direct connections to
the Internet, one via the Firewall and a second one via
your dial on demand router?
You see, still lots of confusion here on my side. :-)
I guess you need to better explain and give more information
about your current setup and about what you want to achieve.
?When pings go wrong (It hurts me too)? E.Clapton/E.James/P.Tscharn