I have a client that needs some additional bandwidth so I am considering having Comcast cable installed. I have been brainstorming a way to make the two internet connections play well together without buying expensive equipment. I am not looking for failover or direct usage of both internet connections.

Their current internet is a 400K bi-directional fractional T1. They have a /29 subnet.

Picture this m0n0wall configuration: The Comcast cable (DHCP) connected to the "WAN" port. The LAN is connected to the "LAN" port. DHCP, DNS, etc. handled by Wintel machines. LAN machines would use this as their gateway.

Now comes the weird idea... (it might be hard to visualize)

They have a DMZ zone on their /29 subnet that is protected by a Netscreen firewall in layer 2 transparent mode. There are a couple machines using static IPs for things like web serving and SMTP relay. My idea is to pretty much eliminate the usage of the 400K connection for LAN use. It will be reserved for web, SMTP and remote access (RDP) usage.

What if I connected the m0n0wall "OPT1" interface to their /29 using a static IP and used NAT to forward some ports (like SMTP) on that interface to LAN-based machines?

Does anyone know if this will work? Will connections from the internet to the /29 IP on m0n0wall actually route correctly? Will the SMTP server in the LAN be able to send mail directly to the SMTP relay in the DMZ (opt1) without going out through Comcast? Will the SMTP relay in the DMZ be able to send mail directly to the opt1 interface and have it go to the LAN server? Will inbound RDP connections through OPT1 from the internet route correctly to the LAN machines?

Any help would be appreciated.

-Kevin