Next Previous Contents

1. Introduction

Like many small companies we are typical in our use of RFC1918. addressing. Specifically the 192.168.0.0/16 range. Because we needed some untrusted network access, as a security precaution I made the dubious decision to use overlapping address ranges that deliberately clashed with our own corporate network use to make it especially hard for someone to hack our main network if the untrusted network were compromised.

Unfortunately those untrusted networks have become increasingly more and more important and developers at our company needed use them. This became a problem because access was limited to a few physical locations. Now you know the reasons why I went through all this rigamarole, here's how I accomplished it.

This mini-howto is for 2.4 kernels and ip netfilter. All the examples were tested on a 2.4.18 kernel.

(C) 2002 Yan-Fa Li. Licensed under the GNU GPL


Next Previous Contents