Setting up static NAT

How can I set up static NAT using OpenSUSE 11.3 64-bit?

I want all traffic coming to modem0 (for example 1.2.3.4) forwarded and translated to another system (192.168.47.2) connected to the network on eth1 (192.168.47.1/24), and all Internet-bound traffic from the other system (192.168.47.2) forwarded and translated to modem0s’ IP address (for example 1.2.3.4). There must be no port translation and no filtering on the part of the NATting system.

At the same time, the NATting system must not use modem0 for Internet connectivity, but rather have 192.168.135.2 as its’ default gateway on the network connected to eth0 (192.168.135.134/24).

Did You try doing this using YaST firewall GUI ? The window I’m talking about looks like this in polish KDE :slight_smile:

It can be found YaST->security and users->firewall->adress translation tab

Best regards,
Greg

I have already set up dynamic NAT with overloading by hand, but that’s not what I want. Didn’t know there was a GUI for it, though. What I need is static NAT with dual connections to the Internet, where one PPP connection is used for the static NAT and the other (Ethernet with a default gateway) is used for routing the NATting systems’ other Internet-bound IP traffic.

I think this command might do the trick :

/etc/init.d/iptables save

but I’m not sure about. It works with for example CentOS but SuSEfirewall2 is still a bit of a mistery for me :slight_smile: Also please see my other reply in the second thread You created.

Best regards,
Greg

Well, the saving part is not the problem of this thread. I need a way to set up the routing / NAT configuration as described above.

Oh I thought You already set that up but I actually don’t understand what You want to do. What do You mean by the term NATing system ?

Best regards,
Greg

The NATting system being the OpenSUSE system performing NAT. What I want to set up is depicted in the following diagram:

A-----eth1-B-modem0-----Internet
           |
         eth0
           |
           |
       Internet

I want all Internet-bound traffic comming from system A via eth1 on the OpenSUSE 11.3 64-bit system B forwarded to modem0, replacing the source IP address with modem0s’ IP address. I want all traffic comming from the Internet over modem0 forwarded to eth1, replacing the destination IP address with system As’ IP address. Also, all other Internet traffic from system B should be routed over eth0.

Ok thanks for the clarification. I think I get the whole picture now. I’ve got just one more question. Why are You trying to do this using openSUSE ? I’m asking because it would be so much easier to do using vyatta :slight_smile: Of course it’s possible to do using openSUSE but I’m just curious.

Best regards,
Greg

Mostly because I have never heard of Vyata before :). Am checking it out now. However, I would still like to have a solution with OpenSUSE for this scenario.