From owner-freebsd-stable@FreeBSD.ORG Tue Apr 15 00:47:27 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4327337B401 for ; Tue, 15 Apr 2003 00:47:27 -0700 (PDT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.186]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6F7A043FDF for ; Tue, 15 Apr 2003 00:47:26 -0700 (PDT) (envelope-from RoKlein@roklein.de) Received: from [212.227.126.161] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 195LA4-0008MT-00; Tue, 15 Apr 2003 09:47:24 +0200 Received: from [217.234.134.215] (helo=z105.intern.studentenwohnheim-rhein-main.de) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 195LA4-0002Xq-00; Tue, 15 Apr 2003 09:47:24 +0200 From: Robert Klein Organization: roklein.de To: "vizion communication" , "FreeBSD Stable" Date: Tue, 15 Apr 2003 09:47:17 +0200 User-Agent: KMail/1.5 References: <00e101c302fb$5f8b5700$15b55042@vizion2000.net> In-Reply-To: <00e101c302fb$5f8b5700$15b55042@vizion2000.net> MIME-Version: 1.0 Content-Type: text/plain; charset="big5" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200304150947.18334.RoKlein@roklein.de> Subject: Re: NAT proxy concepts X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: RoKlein@roklein.de List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2003 07:47:27 -0000 How about IPSEC before NAT? Works wonders if you got non-overlapping RFC1918 networks on the ends. (Dunno if you can do it with FreeBSD, though. I set up a Linux solution quite a while ago) Robert On Tuesday 15 April 2003 05:01, vizion communication wrote: > Hi Guys > > I have been taking a close look at some networking > opportunities which are being frustrated by the limits which > are imposed by NAT. In particular the constraints impose by > the embargo on double NATing have an impact for a project I > am working on. Has anyone ever seen anything which I would > conceptually describe as a reverse NAT proxy? > > What I want to be able to do is to be able to create a > heirarchical tier of networks each one of which > communicates to the network above by using a modification of > NAT enjoying the capability of identifying a subnet number > and client. > > Does ayone know enough about this subject to point me in the > right > direction (which may be - forget about it there is no way it > can be done..:-) > > David > > > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to > "freebsd-stable-unsubscribe@freebsd.org"