March 3rd, 2012, 05:45 AM
Hey guys,

I've got a /29 subnet from my ISP. Got a Linux box running as a GW server to do my NAT and VLANs back to my switch. Basically wanting to NAT to different IP addresses based on source VLAN.

What is the best way to do this? I haven't managed to get this working.


March 6th, 2012, 06:19 PM
I am not very familiar with advanced outbound NATing with Linux. What I can suggest: if your GW box only does the function of a router, I would look into pfSense.

You can do inter-VLAN routing using the router-on-a-stick model:

Here's an example:

Outbound NAT can be configured using webGUI in a few simple clicks as well.

March 7th, 2012, 10:05 PM
Rather not use a GUI, it does my VPN termination as well as my VPN connection to work.

Also, another reason for keeping it how it is: I'm running it on an HP DL320 G2, for which drivers for controlling the fan speeds are hard to get on non-Debian or RH operating systems.
Gotta have the drivers or it's like death to my ears.

If anyone knows how to do this via CLI that would be splendid.


March 9th, 2012, 04:55 PM
Assuming the VLANs each have their own subnet, have you tried simply making masq or SNAT rules with the '-s' parameter, something like
' iptables -t nat -A POSTROUTING -s subnet/mask -j SNAT --to-source ... '