Tman
April 21st, 2005, 01:08
I am setting up a nat/firewall using OpenBSD. Can I do nat for a network that is not assigned to the interface of the firewall? Like if I have 2 nics at 192.168.0.1 and 192.168.1.1, can I do nat for 192.168.3.0/24 assuming I route the 192.168.3.0 network to the firewall?

Strog
April 21st, 2005, 09:25
I am setting up a nat/firewall using OpenBSD. Can I do nat for a network that s not assigned to the interface of the firewall? Like if I have 2 nics at 192.168.0.1 and 192.168.1.1, can I do nat for 192.168.3.0/24 assuming I route the 192.168.3.0 network to the firewall?

That is definitely something you can do. You are correct that you would need to route it to get it to the firewall but it's able to pass it from there. Just make sure you add 192.168.3.0/24 to your rule if you are setting it explictly (i.e. not using any to any).