Well...
If you are working on their main firewall/router, allowing 192.168.0.0/16 (assuming they are using 192.... scheme) on the internal interface will allow all subnets from 192.168.0.0 to 192.168.255.255 to follow whatever rule you set up in iptables.
But, I assume if all these subnets are already set up, they probably have this in place already, thus negating the need to re-invent the wheel.
If you are attempting to allow all these subnets to access something external from their network, they probably have masquerading in their router, thus making all internal traffic appear to come from one public IP address. It should be quite simple to allow this one public IP address to be forwarded to wherever you need.
HTH
Dave
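An added example, not part of the post above: a check that a single 192.168.0.0/16 source rule really covers every internal subnet, and how much tighter one rule could be. The subnet list is constructed for illustration and the function names are hypothetical.

```python
import ipaddress

# Supernet from the reply: one rule with this source matches
# 192.168.0.0 through 192.168.255.255.
SUPERNET = ipaddress.ip_network("192.168.0.0/16")

# Constructed sample inventory of internal subnets (assumption, not from the post).
SITE_SUBNETS = ["192.168.1.0/24", "192.168.2.0/24",
                "192.168.40.0/22", "10.20.0.0/24"]


def split_by_coverage(subnets, supernet=SUPERNET):
    """Return (covered, missed): subnets inside the supernet and those outside it."""
    covered, missed = [], []
    for item in subnets:
        net = ipaddress.ip_network(str(item))
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if net.version == supernet.version and net.subnet_of(supernet):
            covered.append(net)
        else:
            missed.append(net)
    return covered, missed


def tightest_cover(subnets):
    """Smallest single network that contains every given subnet (same IP version)."""
    nets = [ipaddress.ip_network(str(s)) for s in subnets]
    first = min(n.network_address for n in nets)
    last = max(n.broadcast_address for n in nets)
    cover = ipaddress.ip_network(f"{first}/{first.max_prefixlen}")
    # Widen one prefix bit at a time until the highest address fits.
    while cover.broadcast_address < last:
        cover = cover.supernet()
    return cover


if __name__ == "__main__":
    covered, missed = split_by_coverage(SITE_SUBNETS)
    print("covered by", SUPERNET, ":", [str(n) for n in covered])
    print("NOT covered (need their own rule):", [str(n) for n in missed])
    print("tightest single rule for covered subnets:", tightest_cover(covered))
```

Subnets reported as not covered fall outside the 192.168 scheme the reply assumes, and a tightest cover narrower than /16 shows how far the rule could be restricted.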