[ previous ] [ next ] [ threads ]
 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Yet another question about multiple IPs on WAN
 Date:  Thu, 30 Jun 2005 15:53:44 -0400
Chris Buechler wrote:
> On 6/30/05, Michael Lester <mlester at fastrans dot com> wrote:
>> Our network consists of xx.xx.152.0 - xx.xx.155.255.  My upstream
>> provider has a Cisco router at xx.xx.152.1.  This will be my m0n0
>> box's default gateway.  The old network setup used two linux
>> firewalls (one for internal, one for DMZ).  The upstream Cisco
>> splits incoming traffic between the two firewalls.  It routes some
>> traffic to xx.xx.152.2 and some to xx.xx.152.3.  If I set my m0n0
>> box's WAN ip to be xx.xx.152.2, I lose all the traffic routed to
>> xx.xx.152.3. 
> Change the upstream router.  Proxy ARP on m0n0wall might suffice,
> there's no reason to leave the router in a state that is
> for your new topology.

If you cannot change the upstream router, add xx.xx.152.3 on Server
NAT tab and (as Chris suggested) Proxy ARP tab. That IP will be
available to use as "External address" when adding Inbound NAT rules. 

James W. McKeand