Re: routing question

["Vijay Sankar" <vsankar_(_at_)_foretell_(_dot_)_ca>]

Good day,

I have seen similar problems before.

You must be doing some sort of proxying or NAT to allow Internet sites to
communicate with hosts on the 192.168.10/24 subnet, right? So the site on
the Internet has to have a path back to a NAT'ed or Proxied service through
the 192.168.10/24 subnet in order to get to the VoIP Control Center at
10.4.6.200/32 (or whatever happens to be the IP address of that host).

Hope this helps, 


Vijay

-----Original Message-----
From: owner-misc_(_at_)_openbsd_(_dot_)_org [mailto:owner-misc_(_at_)_openbsd_(_dot_)_org] On Behalf Of
Bob DeBolt
Sent: December 14, 2005 11:51 AM
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: routing question

Greets 

I have a scenario that is simple but I am having trouble getting my head 
around. Inside a 192.168.10/24 network there exists a 10.4.6/24 network for 
VOIP. Everthing works fine. 

The issue I have is setting up a route for a third party VOIP management 
company who wants to access the VOIP control center via an SSL interface
from 
the Internet thru the firewall to the VOIP control center.

All of the data traffic on the data LAN has the router address of 
192.168.10.1. 

The data side of the vlan router is 192.168.10.16 and the VOIP side on the 
vlan router is 10.4.6.253.

To access the VOIP network one must go thru the 192.168.10.16 interface of
he 
vlan router. 

Adding a route to a workstation on the 192.168.10 network to the 10.4.6 
network using the 192.168.10.16 interface as the gateway works fine, thus 
allowing access to the SSL web interface.

Adding a route on the firewall to the 10.4.6 network thru the 192.168.10.16 
interface allows internal workstations to access the SSL web interface.

The root of the problem I have is getting traffic from the Internet to the 
10.4.6 SSL web interface thru the 192.168.10.16 interface of the vlan
router.

Anyone have experiece on this one?

Bob D