On Mon, 13 Dec 2004 02:55:39 -0600, John Reese <jwreese0 at comcast.net> wrote: > I work for a company that has nearly exhausted its Class C range of IP > addresses. We decided to get by the problem by using a single Linux > router running iptables to route the exhausted 192.168.1.0 network > (eth0) to three LANs with numbers 192.168.101.0, 192.168.102.0, and > 192.168.103.0 (eth1, eth2, and eth3). Our goal is to have clients inside > those networks see a single server in the old 192.168.1.0 network. > > Since the new LANs are inside the production network (192.168.1.0), they > face a trusted network and don't need to filter or firewall transactions > across the router. The clients only need to see the server, and the > server needs to see inside the new LANs in order to print to their > printers. [snip for brevity] I don't think you want to use NAT at all, since that is going to effectively masquerade your IP addresses. If you just use your Linux box as a router without NAT, a few static routes should give you everything you need. I don't recall the syntax off-hand, but you should be able to setup simple rules in your server so that for the networks 192.168.101.0/255.255.255.0, 192.168.102.0/255.255.255.0, and 192.168.103.0/255.255.255.0, it should use your internal router instead of its default gateway. On the router, simply set all incoming traffic on 192.168.1.0, bound for one of the other three networks, to go out the appropriate interface. Hope this helps, I know it might be a bit vague. -- Dave Sherman MCSA, MCSE, CCNA [Insert witty .sig here.] _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list