Strange NAT problem with VLAN Bridge Home Page › Forums › Network Management › Signal a BUG › Strange NAT problem with VLAN Bridge This topic contains 1 reply, has 0 voices, and was last updated by raspi 10 years, 11 months ago. Viewing 1 post (of 1 total) Author Posts July 6, 2008 at 5:31 am #41079 raspiMember I have BRIDGE00 – LAN (ETH00.111) 192.168.0.0/24 BRIDGE01 – WLAN (ETH00.222) 192.168.1.0/24 BRIDGE02 – Internet (ETH00.444 ETH01.333) x.x.x.x/25 If I do it manually in Debian like so: /etc/network/interfaces: auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 allow-hotplug eth1 iface eth0 inet static iface eth1 inet static auto vlan111 auto vlan222 auto vlan333 auto vlan444 auto br0 auto br1 auto br2 # LAN iface vlan111 inet static vlan_raw_device eth0 # WLAN iface vlan222 inet static vlan_raw_device eth0 # ADSL Modem iface vlan333 inet static vlan_raw_device eth1 # Internet iface vlan444 inet static vlan_raw_device eth0 # LAN bridge iface br0 inet static address 192.168.0.1 netmask 255.255.255.0 bridge_ports eth0.111 bridge_stp on # Internet bridge iface br1 inet static address x.x.x.x netmask 255.255.255.128 gateway x.x.x.x bridge_ports eth1.333 eth0.444 bridge_stp on post-up iptables -t nat -A POSTROUTING -o br1 -j MASQUERADE pre-down iptables -t nat -D POSTROUTING -o br1 -j MASQUERADE # WLAN bridge iface br2 inet static address 192.168.1.1 netmask 255.255.255.0 bridge_ports eth0.222 bridge_stp on /etc/sysctl.conf: net.ipv4.conf.default.forwarding=1 So br0 and br2 can access internet using 192.168.0.1/192.168.1.1 as GW and br1 is “straight-through” access without NAT. Bridge br1 (Internet) doesn’t NAT VLAN 444/333 with br1’s IP while ZeroShell (BRIDGE02, same as br1 in example) does. So what is ZeroShell doing? Author Posts Viewing 1 post (of 1 total) You must be logged in to reply to this topic.