Remote RMX-3200 Version 5.2x Configuration Guide
Configuring Technician Laptop Access for Remote RMX-3200: Configuring IPTables for Network Address
Translation
13-6
Configuring IPTables for Network Address Translation
IPTables rules must be configured to enable network address translation for laptops
on the private network. Without NAT, devices with private addresses cannot send
packets to devices outside the LAN.
Note: For more information on IPTables, refer to an IPTables man page (version
1.2.7a).
To configure IPTables for address translation:
1. Flush all IPTables:
config iptables -t nat -F
config iptables -t filter -F
config iptables -t mangle -F
2. Configure a rule in the PREROUTING chain in the mangle table that accepts all
packets from source subnet
10.10.10.0/24 and to destination address
184.155.22.36:
config iptables -t mangle -A PREROUTING -s 10.10.10.0/24 -d
184.155.22.36 -j ACCEPT
3. Set the default action for the PREROUTING chain to drop all packets:
config iptables –t mangle –P PREROUTING DROP
CAUTION: If you are connected to Remote RMX-3200 via a Telnet connection
and you set the default action to drop all packets without first
configuring a rule to accept packets between your workstation and
Remote RMX-3200 (as in step
2), your connection to Remote RMX-
3200 will be lost.
In this scenario, you will:
Flush all Iptables
Configure a rule in the PREROUTING chain that accepts all packets from a
source subnet that go to a specified destination address
Set the default action for the PREROUTING chain to drop all packets
Configure a rule in the POSTROUTING chain that masquerades all TCP
packets from a specified source subnet.
To Next Page
Loading...
