Hello List,

I am trying to set up a Linux server as a router/firewall and set up SIP tunneling between two public networks.

My diagram will be something like this:

Internet <-----> Linux Router <--------------> My Internal Network with Public IPs.

Say my network IPs are 216.209.14.192/26.

I tried this setup.

Internet <----> 216.209.14.197 (ExtIP <- Default Gateway 216.209.14.193 Router -> Internal IP) 216.209.14.198 <------> My Servers connected through a switch with IPs 216.209.14.199-254 with Default Gateway 216.209.14.198.

This setup did not work.

If I do this

Internet <----> 216.209.14.197 (ExtIP <- Default Gateway 216.209.14.193 Router -> Internal IP) 192.168.1.1 <------> My Servers connected through a switch with IPs 192.168.1.199-254 with Default Gateway 192.168.1.1.

I can go out through IP forwarding like this...

iptables -P FORWARD DROP
iptables -A FORWARD -s ${HUB_LAN} -j ACCEPT
iptables -A FORWARD -d ${HUB_LAN} -j ACCEPT

These rules do not work with public IPs.

My other questions are:

1. Can I use racoon for SIP tunneling? Is there any limit on the number of sessions? I bought a Juniper router and found out that the router supports only 16 channels. I need to support at least 400 SIP channels.

2. I have seen a lot of documentation on setting up Masquerading and IP Forwarding. I made it work, but that does not solve my purpose. I need to assign public IPs to my machines behind the router so that the outside world can access those machines through the router directly.

3. I need to have tunneling with one service provider for network 56.211.34.23/27. For the rest of the world I want the traffic to go through the router without any modification. I might want to add some firewall rules later for some specific ports.

I would appreciate it if someone could give me some lead on how I can achieve this.

Thank you,
JP