Maarten Poell wrote:
>The subnet's are from one operator.
>Both of the subnets will be routed to m0n0wall.
>So I want the wan ip adress to listen to both subnets (like ip aliasing)
If you want Monowall to answer all request from the net you have to
setup nat and probably use One-2-one nat.
If you want to setup ips diretly on all station, you have to disable nat.
You can also setup one subnet for 1 interface for the DMZ without nat,
and use RFC1918 ips on the lan interface and use one2one nat for
specific servers/admin station on your lan side.
>Then I want to setup per ip the different firewall rules.
For incoming rules.. With nat, outgoing rules will also work
>So I think I don't need any NAT because these public ip adresses are routable.
nope, but if it's for internet basic usage, you should use nat, and only
for specific application, use public ips
>But I will test it when I ordered the hardware.
That's will be a good start :)