Hi Folks,

I've been trying to wrap my head around a problem for a little while and I'm getting nowhere fast, so I thought I'd ask the experts:

Due to a company takeover I have two networks, NetA and NetB, that I need to link together for bidirectional data sharing etc. Unfortunately both networks use the same IP addressing scheme, i.e. 172.16.10.0/24, and neither can be changed within the timespan available to me.

So I need to set up a PF box which links to both networks and translates between the two. Conceptually I want to have it that from NetA's perspective NetB is 172.16.20.0/24 and from NetB's perspective NetA is 172.16.30.0/24.

NetA ----> NetB-NAT (172.16.20.0/24) -----> NIC1 (172.16.10.254/24) PF Firewall/Route NIC2 (172.16.10.254/24) <---- NetA-NAT (172.16.30.0) <----- NetB

I've read about bitmask on NAT/BITNAT etc. and all this looks good. The problem, however, is that this is done on the outgoing interface; however, given that both the outbound and inbound interfaces share an IP/subnet, the packets never get to the outbound interface to be translated.

I'm sure there's something completely obvious I'm missing, any help would be much appreciated.

Simon
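
The 1:1 mapping described in the post, modeled in Python as an added example (not part of the original message and not PF configuration). It covers only the address arithmetic of a bitmask translation in both directions, not how a packet reaches the translating interface; the function names and the "A"/"B" interface labels are assumptions.

```python
import ipaddress

# Addressing taken from the post: both sites really use 172.16.10.0/24.
REAL = ipaddress.ip_network("172.16.10.0/24")
NETB_AS_SEEN_BY_A = ipaddress.ip_network("172.16.20.0/24")
NETA_AS_SEEN_BY_B = ipaddress.ip_network("172.16.30.0/24")


def bitmask_map(addr, src_net, dst_net):
    """Swap the network bits of addr from src_net to dst_net, keep host bits."""
    addr = ipaddress.ip_address(addr)
    if addr not in src_net:
        raise ValueError(f"{addr} is not in {src_net}")
    if src_net.prefixlen != dst_net.prefixlen:
        raise ValueError("1:1 mapping needs equal prefix lengths")
    host_bits = int(addr) & int(src_net.hostmask)
    return str(ipaddress.ip_address(int(dst_net.network_address) | host_bits))


def translate(src, dst, arrived_from):
    """Rewrite (src, dst) for a packet crossing the box.

    arrived_from is "A" or "B" (hypothetical labels for the two NICs).
    The destination alias becomes the peer's real address, and the real
    source becomes the alias the peer uses for the sender's network.
    """
    if arrived_from == "A":
        dst_alias, src_alias = NETB_AS_SEEN_BY_A, NETA_AS_SEEN_BY_B
    elif arrived_from == "B":
        dst_alias, src_alias = NETA_AS_SEEN_BY_B, NETB_AS_SEEN_BY_A
    else:
        raise ValueError("arrived_from must be 'A' or 'B'")
    return bitmask_map(src, REAL, src_alias), bitmask_map(dst, dst_alias, REAL)


if __name__ == "__main__":
    # Constructed sample: host .5 on NetA talks to host .7 on NetB.
    out = translate("172.16.10.5", "172.16.20.7", "A")
    print("A -> B on NetB's wire:", out)
    # NetB's host replies to the source address it saw.
    back = translate(out[1], out[0], "B")
    print("B -> A on NetA's wire:", back)
```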
