[ previous ] [ next ] [ threads ]
 
 From:  Max Khitrov <maximkh at yahoo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: RE: [m0n0wall] How to take 5 dynamic IP's and assign to one private subnet?
 Date:  Tue, 8 Mar 2005 13:18:45 -0800 (PST)
Won't work. The IPs are dynamic and based on the mac as Scott said. Any
solution to this problem will require m0n0wall to be able to handle
multiple wan mac addresses and multiple dynamic IPs for each mac. My
guess is that you'll also need more then one nic.

So the setup would have to be you cable modem connected to a hub or
switch, then for each external ip you would connect that switch to a
single nic on your m0n0wall. If something like this is added in the
future, then at this point you would configure all the nics and
designate them as wan, set them up to get an IP through the ISPs DHCP
server, and only then will be you able to configure 1:1 NAT or whatever
you want.

Anyway, that's just my opinion of one way to solve this problem. Don't
know if there's a better way, or if something like this will even be
possible.

--- Braden McGrath <braden at mcmail dot homeip dot net> wrote:

> Why don't you guys just do 1:1 NAT?  This is exactly what it is
> designed
> for...  Unless m0n0's 1:1 NAT can't be done with dynamic IPs.  (I'm
> guessing it can't?)
> 
> --Braden 
> 
> > -----Original Message-----
> > From: Fractalyzor [mailto:fractalyzor at home dot se] 
> > Sent: Tuesday, March 08, 2005 2:29 PM
> > To: m0n0wall at lists dot m0n0 dot ch
> > Subject: RE: [m0n0wall] How to take 5 dynamic IP's and assign 
> > to one private subnet? 
> > 
> > Hi
> > 
> > I have the same setup, and I use the M0n0 as a Filtering Bridge.
> > The machine "behind" M0n0 ask and gets their Ip from the ISP 
> > DHCP server.
> > 
> > unfortunate this setup requires to use 2 nic in each clint machine.
> > 
> > The only real thing missing from this is rules based on mac 
> > adresses....
> > 
> > /Fredrik
> > 
> > Max Wrote:
> > Well in about 3 days I was going to be making the same post 
> > as Scott, only for 2 IPs :) Getting my new server on 
> > Thursday, and currently thinking about some changes I may 
> > want to make to my network.
> > 
> > If this isn't a current feature, I would like to request it 
> > for the near future (next beta maybe?). Right now I have two 
> > routers because I needed to use the ports that other people 
> > living with me were using.
> > 
> > If monowall could work with multiple WAN interfaces, each 
> > with its own max and ip it would solve a lot of headaches.
> > 
> > Manuel, any comments on this one? :)
> > 
> > --- Barry Mather <barry dot mather at dorecentres dot com dot au> wrote:
> > 
> > >
> > > Can m0n0 do multi mac address spoofing ??? if so, then you 
> > should be 
> > > able to do this ....
> > >
> > > Off the top of my head tho, I thought that it can only 
> > spoof 1 mac ..
> > > could be wrong tho
> > >
> > > -----Original Message-----
> > > From: Scott Fehringer [mailto:fehrings at onid dot orst dot edu]
> > > Sent: Tuesday, 8 March 2005 1:48 PM
> > > To: m0n0wall at lists dot m0n0 dot ch
> > > Subject: [m0n0wall] How to take 5 dynamic IP's and assign to one 
> > > private subnet?
> > >
> > > Hi everyone.  I have a unique network setup that I was 
> > hoping m0n0wall 
> > > could handle.  Let me describe it below:
> > >
> > > 
> > >
> > > From our ISP (Comcast) we have purchased 5 IP addresses.  These
> IP's
> > > are
> > > dynamically assigned, so it is not possible to predict what 
> > they will
> > > be, or
> > > even assume they are all from the same subnet.  Each IP is
> assigned
> > > based on
> > > a MAC address, so for each MAC address the cable modem sees, it
> will
> > > lease a
> > > DHCP assigned IP from Comcast.  Here are a couple of example IP's
> to
> > > illustrate what I am talking about:
> > >
> > > 
> > >
> > > IP #1: 24.22.53.119
> > >
> > > IP #2: 67.180.97.102
> > >
> > > Etc..
> > >
> > > 
> > >
> > > Inside our house, we have 5 computers.  I would like each of the
> > > computers
> > > to send its traffic through one of the five IP's, but still have
> its
> > > own
> > > local IP address that is on the same subnet as the other 4
> computers
> > > in
> > > the
> > > house.  So the network would look like this:
> > >
> > > 
> > >
> > > Comp 1 (local IP: 192.168.1.2) --->  (dynamically assigned 
> > public IP:
> > > 24.22.53.119)
> > >
> > > Comp 2 (local IP: 192.168.1.3) --->  (dynamically assigned 
> > public IP:
> > > 67.180.97.102)
> > >
> > > Comp 3 (local IP: 192.168.1.4) --->  (dynamically assigned 
> > public IP:
> > > x.x.x.x)
> > >
> > > Comp 4 (local IP: 192.168.1.5) --->  (dynamically assigned 
> > public IP:
> > > y.y.y.y)
> > >
> > > Comp 5 (local IP: 192.168.1.6) --->  (dynamically assigned 
> > public IP:
> > > z.z.z.z)
> > >
> > > 
> > >
> > > What this accomplishes is that each user in the house is 
> > permitted to
> > > use
> > > their public IP as they see fit (to run a server, or filesharing
> > > program, or
> > > whatever), but the computer will still be able to access the
> other 4
> > > computers in the house over the LAN.
> > >
> > > 
> > >
> > > How can I use m0n0wall to set this sort of a thing up?  I have
> > > several
> > > hubs
> > > and network cards at my disposal, so any suggestion that will
> work,
> > > I'll
> > > try.  If I'm being unclear on anything, please let me know 
> > and I will
> > > attempt to give more information. 
> > >
> > > 
> > >
> > > -Scott Fehringer
> > >
> > > 
> > >
> > >
> > >
> > >
> > > Dore Achievement Centres (Pty) Ltd - Hotline: 1300 55 77 11
> > >
> > > www.dorecentres.com.au
> > >
> > > This e-mail message may contain confidential or privileged
> > > information
> > > and is intended solely for the individual to whom it is 
> > addressed. If
> > > you
> > > are not the named addressee you should not disseminate, 
> > distribute or
> > >
> > > copy this e-mail. If you have received it in error please notify
> us
> > > immediately by telephoning 1300 55 77 11 and destroy this e-mail
> and
> > > any attachments. E-mail transmission cannot be guaranteed to be
> > > secure or error-free as information could be intercepted,
> corrupted,
> > > lost,
> > > destroyed, arrive late or incomplete, or contain viruses. The
> sender
> > > therefore does not accept liability for any errors or omissions
> in
> > > the
> > > contents of this message, which arise as a result of e-mail
> > > transmission.
> > > The content of this email is not necessarily that of the Dore
> > > Acievement
> > > Centres unless otherwise specified.  This email was scanned for
> > > possible
> > > viruses and was sent on 8/3/2005 by
> barry dot mather at dorecentres dot com dot au
> > > to m0n0wall at lists dot m0n0 dot ch
> > >
> > >
> > >
> > > 
> >
> ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > >
> > >
> > 
> > 
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > 
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>