I'd like to be able to do Inbound NAT and Outbound NAT on the LAN interface. Currently, when you go to setup an SNAT or DNAT entry, you are given a drop-down of interfaces to apply it to, which includes WAN and any OPT interfaces, but for some reason not LAN.
I've had one situation where clients on a remote part of the LAN have a route to m0n0wall's LAN IP, but no route for the subnet on m0n0's OPT1 interface. I can't change the routing (someone else's area), but with a linux box in place of m0n0 I can set a DNAT rule on traffic in on the LAN interface, so if the remote clients connect to TCP/993 on my m0n0 LAN IP, they can talk to the IMAPS server on m0n0's OPT1 interface.
I've also had situations where it would help greatly if the computers on the LAN saw connections that are port forwarded thru from the WAN interface as actually originating on m0n0's LAN IP. In short I want to be able to do apply SNAT to all traffic out the LAN interface. Using the m0n0wall web GUI with "Enable Advanced Outbound NAT" ticked I can do what I want on the WAP or OPTx interface, but not the LAN interface.
Am I making sense, or did that just come out as a jumbled mess? =)
|
Topic: NAT on LAN interface