[ previous ] [ next ] [ threads ]
 
 From:  Matti Raustia <matti dot raustia at ee dot oulu dot fi>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  m0nowall as firewall and DHCP server, no NAT
 Date:  Sun, 19 Dec 2004 23:14:37 +0200 (EET)
I haven't been able to find instructions how to do this so I'm going to ask
you guys:

I'd like to use m0nowall as a DHCP server and firewall but without NAT. All
the ip addresses of the network setup are real, public ip addresses.

Basically my setup is as follows:

ISP's SDSL box, ip 80.xxx.xxx.1
m0nowall box,	ip 80.xxx.xxx.2 (real, static, public ip)
switch 1 	ip 80.xxx.xxx.3 (real, static, public ip)
switch 2	ip 80.xxx.xxx.4 (real, static, public ip)
switch 3	ip 80.xxx.xxx.5 (real, static, public ip)

The DHCP clients, ip address range 80.xxx.xxx.6-62, all are public ip addresses.

Now I've been trying to do this with m0no but without luck. The m0no box has two
NICs and is doing just fine if I use it like all those tutorials and
examples show I've found, which are basically one public ip and private net
behind NAT. However, if I try to use the 1:1 NAT, advanced outbound nat, proxy
ARP or whatever I am not able to even ping anything but the LAN side of the
m0no box.

Some questions:

Should the WAN and the LAN sides of the m0n0 box have different ip addresses in this case?

Should I enable 1:1 NAT, advanced outbound NAT or both? If I should enable
some of these features, what settings I should give to them?

Should I use proxy ARP and what exactly I should enter there?

I'm sorry if these questions are trivial but I am really confused here. I
promise if get this thing solved I shall write an example configuration with
pictures of this so others fighting with this shall not ask the same
questions...

Thanks in advance!

matti
Hopeless in Oulu, Finland