On Mon, 2004-11-22 at 07:27, Jesse Guardiani wrote:
> Henning Wangerin wrote:
> 
> One thing I learned during my quest to get m0n0wall set up with a fully
> functional DMZ is that PPPoE is not capable of specifying a netmask. So

Correct. PPPoE "delivers" a single IP, so that will be a /32 adress.

> you will never want to bridge with a PPPoE WAN interface because PPPoE
> is only capable of assigning one static IP. 

I'm not looking for bridging. I requesting the possibility to create
multible PPPoE conenctions/sessions to the same box, to get multible IPs
assigned (on multiple interfaces if that would solve the problem)

> If you need a subnet routed,
> then that's OK, and it works, but you won't ever see anything other than a
> 255.255.255.255 netmask on your PPPoE interface.

I don't have a routed subnet. Just three separate PPPoE logins to my
ISP. This setup is very common here in Denmark, if you need multiple IPs

> Yeah, on my whiteboard in my office. :) Here, let's see if we can draw it
> in ASCII:
> 
> 
> Cisco 2600
>     |
>     +-> ADSL ATM Circuit
>               |
>               +-> WAN (m0n0wall) [int.wingnet.net]  
>                         |
>                         +-> LAN (m0n0wall) [192.168.1.1/24]
>                         |
>                         +-> DMZ (m0n0wall) [216.64.103.225/29]
> 
> 
> 1.) I have bound an additional public IP to the WAN interface via
>     "Server NAT".

Yes? But how do my ISP send trafic to that IP? Again I don't have a
routed subnet, just three PPPoE logins

> I hope that makes sense. Also, if anyone sees any security problems
> with my setup, please speak up. I didn't go to school for this. :)
> I just fiddled around with it until I got it working.

Partly, but it doesn't apply to my setup, if I read your message
correctly.

-- 
Henning Wangerin <post plus 041008 at henning dot wangerin dot dk>
-- 
Henning Wangerin <mailinglists dash after dash 041101 underscore reply dash not dash possible at hpc dot dk>