
Vyatta: Networkrange Natting not working / What is wrong in my Config (Diagram included)


Hello,

In the past I have only used masquerading NAT, which is why I am not sure what is wrong with my config.

 

The goal is to use the URL-Filter (Squid Webproxy) of Vyatta for my WLAN Network.

 

It is mandatory that the clients in network 1 and 2 can communicate with each other.

 

I know that it is uncommon to NAT between two private address ranges.

 

Thank you for taking a look at my network diagram.

 

I need input.

 

http://www.directupload.net/file/d/3823/rf5n4utk_jpg.htm

 

/* Interfaces: eth0 (10.10.20.1/16, "toGIAP0X") and eth2 (172.16.3.29/16, "toINTERN") are the two addressed ports; loopback and wlan0 carry no address. */
interfaces {
    ethernet eth0 {
        address 10.10.20.1/16
        description toGIAP0X
        duplex auto
        hw-id 00:16:d3:bc:44:75
        smp_affinity auto
        speed auto
    }
    ethernet eth2 {
        address 172.16.3.29/16
        description toINTERN
        duplex auto
        hw-id 00:71:00:ff:03:0c
        smp_affinity auto
        speed auto
    }
    loopback lo {
    }
    /* NOTE(review): wlan0 is type monitor with no address, SSID or security settings, so it does not appear to serve WLAN clients itself. Presumably the WLAN clients arrive through eth0; confirm against the diagram. */
    wireless wlan0 {
        hw-id 00:1b:77:6f:f4:3d
        mode g
        physical-device phy0
        type monitor
    }
}
/* NAT: one destination rule and one source rule, both bound to eth2, mapping between 10.10.0.0/16 and 172.16.0.0/16. */
/* NOTE(review): this listing contains no firewall or zone-policy section, so nothing here restricts which hosts behind eth2 may reach the translated 10.10.0.0/16 addresses. Confirm that filtering exists elsewhere or add it. */
nat {
    destination {
        /* Matches packets arriving on eth2 for any address in 172.16.0.0/16 and rewrites the destination into 10.10.0.0/16. */
        /* NOTE(review): the match includes eth2's own address 172.16.3.29, so traffic meant for the router on that side would presumably be translated as well; consider narrowing the match. */
        /* NOTE(review): hosts on the eth2 segment treat 172.16.0.0/16 as directly connected. Nothing in this config (proxy ARP on eth2, or routes on the peers) is shown that would steer traffic for the mapped addresses to this router; verify. */
        rule 10 {
            destination {
                address 172.16.0.0/16
            }
            inbound-interface eth2
            translation {
                address 10.10.0.0/16
            }
        }
    }
    source {
        /* Packets leaving eth2 with a source in 10.10.0.0/16 get a source address from 172.16.0.0/16. */
        /* NOTE(review): with equal prefix lengths this is presumably a one-to-one mapping that keeps the host part. Translated addresses can then collide with real hosts on the 172.16.0.0/16 segment; confirm the address plan. */
        rule 10 {
            outbound-interface eth2
            source {
                address 10.10.0.0/16
            }
            translation {
                address 172.16.0.0/16
            }
        }
    }
}
/* Static routing: a single default route. The next hop 172.16.0.1 lies inside eth2's connected 172.16.0.0/16 network. */
protocols {
    static {
        route 0.0.0.0/0 {
            next-hop 172.16.0.1 {
            }
        }
    }
}
/* Services: DHCP server for the eth0 side, DNS forwarding, and SSH. */
/* NOTE(review): no webproxy node appears in this listing, although the stated goal is URL filtering through the web proxy. */
service {
    /* Hands out 10.10.20.10 to 10.10.20.253 and names 10.10.20.1 (eth0's address) as both default router and DNS server. */
    /* NOTE(review): the subnet is written as 10.10.20.0/16, which has host bits set; the network address of that /16 is 10.10.0.0. Confirm this is accepted as intended. */
    dhcp-server {
        disabled false
        shared-network-name toGIAP0X {
            authoritative enable
            subnet 10.10.20.0/16 {
                default-router 10.10.20.1
                dns-server 10.10.20.1
                lease 604800
                start 10.10.20.10 {
                    stop 10.10.20.253
                }
            }
        }
    }
    dns {
        /* Forwards queries to 172.16.1.245 and 172.16.1.246, plus the system name servers. */
        /* NOTE(review): forwarding listens on eth2 only, while DHCP clients are told to use 10.10.20.1 on eth0 as their DNS server. Presumably listen-on should cover eth0; verify, since client lookups may otherwise go unanswered. */
        forwarding {
            cache-size 150
            listen-on eth2
            name-server 172.16.1.245
            name-server 172.16.1.246
            system
        }
    }
    /* NOTE(review): allow-root permits direct root login over SSH on port 22, and no listen-address or firewall rule in this listing limits who can reach it. Prefer dropping allow-root and logging in as the admin-level user, ideally with key-based authentication. */
    ssh {
        allow-root
        port 22
    }
}
/* System settings: config history, serial console, identity, login, NTP, package repository, syslog and time zone. */
system {
    config-management {
        commit-revisions 20
    }
    console {
        device ttyS0 {
            speed 9600
        }
    }
    domain-name XXXXXXXXXXXXXX
    host-name vyatta2
    login {
        /* NOTE(review): the encrypted-password below is an MD5-crypt hash (prefix $1$) and has been published with this listing. Treat the password as exposed and change it; redact hashes before sharing a config. */
        user vyatta {
            authentication {
                encrypted-password $1$OONy1fGW$4Xj2pEg.Op8gIWmzyy1Xd/
            }
            level admin
        }
    }
    ntp {
        server 0.vyatta.pool.ntp.org {
        }
        server 1.vyatta.pool.ntp.org {
        }
        server 2.vyatta.pool.ntp.org {
        }
    }
    package {
        auto-sync 1
        /* NOTE(review): the repository URL is plain http, so package downloads have no transport protection. Confirm that package signatures are verified on this system. */
        repository community {
            components main
            distribution stable
            password ""
            url http://packages.vyatta.com/vyatta
            username ""
        }
    }
    /* Logs all facilities at notice level, and the protocols facility at debug level. */
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone Europe/Berlin
}


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "cluster@1:config-management@1:conntrack-sync@1:conntrack@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@4:nat@4:qos@1:quagga@2:system@6:vrrp@1:wanloadbalance@3:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: 999.master.07120436 */

 
