[Cerowrt-devel] double_nat_question

Oliver Niesner oliver.niesner at gmail.com
Wed Aug 28 04:44:51 EDT 2013

Hi all,

I hope someone could help me, it seems that i doesn't get it or misinterpret
something :-/

I want to get rid of double NAT in my small network at home, but it seems it
only works, if i use an extra iptables MASQUERADE rule on my pc which does all
the firewalling dhcp etc..

My setup:	^
 -------------------------			------------------------
|			 |			| firewall pc		|
| dsl-router		 |			|dhcp, small		|
|(NAT, no CEROwrt!	 |----------eth0--------|webserver etc.		|
|ip, static=|	|---------------|--------
|------------------------					|
				|	WAN=	|
		WLAN------------|	CEROwrt			|

This setup works fine, but only when i do MASQUERADE on eth0, on my firewall pc!
I thought it must be possible, that only my dsl-router is doing the NAT and
everything else is routed inside the private net!
(the necessary routes are set, every machine could ping each other)
What i'm missing?



More information about the Cerowrt-devel mailing list