Next Previous Contents

4. Second Attempt: Double NAT

Double NAT is one of those unholy things that makes network administrators cringe. Their bones crackle and sinews twist as they think of the nasty things that a) NAT does and b) Double NAT does doubly. It's a hack, but when you have a situation where you have two subnets that are the same addressing that wish to communicate, it's a useful hack because it allows you to de-couple them into separate address space.

ASCII Art 3: Attempt 2

        Network 1
        192.168.150.0 (Corp)
                         |
        Network 2        |
        192.168.180.0 (Intermediate)
                                |
                NAT BOX 1       |
                eth0 192.168.180.180
                eth1 10.15.15.1
                            |
                NAT BOX 2   |
                eth0 10.15.15.2
                eth1 192.168.150.252
                                |
        Newtwork 3              |
        192.168.150.0 (Untrusted Network)

Yeah, like I said it's pretty satanic. So first step, host preparation.


Next Previous Contents