Network setup - (NAT Thing)
-
Who should I contact, or what should I do, if I want the following setup:
http://www.gliffy.com/publish/1052614/L
Each router have a public IP, and I want to connect from every city to city 1 (Head office) - but i don't want to connect from e.g. 2 to 3
Example IP's:City 1 Public IP (example): 100.100.100.101 Router: 10.1.0.1 Server: 10.1.0.2 Clients: 10.1.1.10 - 10.1.1.254 City 2 Public IP (example): 100.100.100.102 Router: 10.2.0.1 Server: 10.2.0.2 Clients: 10.2.1.10 - 10.2.1.254 City 3 Public IP (example): 100.100.100.103 Router: 10.3.0.1 Server: 10.3.0.2 Clients: 10.3.1.10 - 10.3.1.254 City 4 Public IP (example): 100.100.100.104 Router: 10.4.0.1 Server: 10.4.0.2 Clients: 10.4.1.10 - 10.4.1.254Hope you have an answer
–------------------
Anders Hansen -
Not sure what you mean by who should you contact?
Your looking for paid support? If so you may want to post a bounty. Otherwise you need to spell out your problems here if you want free support.
-
It was, if I should contact my ISP to make a solution, or if it is possible using pfSense as router/firewall ;)
–--------------------------
Anders Hansen -
By what little you have showed I don't see any reasons why pfSense would not work for what your looking for.
Give it a shot.
-
The point is: How to make it possible with the 10.x network - over the net (some kind of VPN ???)
If I should use some kind of NAT or what ???
–----------------
Anders Hansen -
Yes, you would use NAT.
-
How do i make a mapping like:
100.100.100.1 => Maps to 10.1.0.1 100.100.100.2 => 10.2.0.1 100.100.100.3 => 10.3.0.1 100.100.100.4 => 10.4.0.1???
–----------------
Anders Hansen -
Firewall -> NAT -> Advanced Outbound NAT
-
Made a Virtual IP for 100.100.100.2:
If I should ping 10.2.0.1 with this rule, would it ping 100.100.100.2?
–---------------
Anders Hansen
-
You are most likely talking about a VPN setup here. You need 3 tunnels to get this working. It's pretty easy. As the tunnel definitions only will match
City1 <-> City2
City1 <-> City3
City1 <-> City4there won't pass any traffic between city2, city3 or city4 whereas everybody can connect to citiy 1 and city1 can connect to all other cities.
See http://doc.m0n0.ch/handbook/ipsec.html for how to configure this. It's exactly the same for pfSense.