 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  "mono at spectratechnology dot net" <mono at spectratechnology dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] NATting Confirmation
 Date:  Sat, 12 Nov 2005 20:16:29 -0500
On 11/12/05, mono at spectratechnology dot net <mono at spectratechnology dot net> wrote:
> I want to run a mail server on OPT1 network using a public IP. That same
> public IP is my second and last one. I only have 2 :(   Anyway, I want to
> be sure that when the traffic comes in it comes in on that IP and gets
> passed over to that specific computer that I want to give a private IP to,
> such as When email traffic goes out it ought to show that it
> came from that particular public IP such that the reverse DNS holds true
> and my emails aren't rejected.
> I will need to run web servers and others off that 2nd IP as well.
> From my reading, I suspect that I need to do Server NAT, inbound and
> outbound. Is that correct? Will m0n0 handle such a situation?

Yes, server NAT + inbound NAT to open the ports on that second IP
inbound, and outbound NAT to map the mail server to that second IP for
outbound traffic.

> What settings must I make to pull this off?

Add the second IP to server NAT, and then in Inbound NAT add the
appropriate stuff.  In Outbound, add a rule to map the mail server to
the second IP, and a rule to map everything else to the WAN's IP.
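
The three rule sets described in the reply above, as an added example that is not part of the original message and is not m0n0wall code: a small Python model of server NAT, inbound NAT and outbound NAT, with an audit that flags a mail server leaving from the wrong public IP. All addresses are constructed, and the top-down, first-match evaluation of outbound rules is an assumption of this model.

```python
import ipaddress

# Constructed addresses (documentation ranges); none come from the original post.
WAN_IP = "203.0.113.10"        # firewall's primary WAN address
SECOND_IP = "203.0.113.11"     # second public IP, added under server NAT
MAIL_SERVER = "192.168.2.10"   # private address of the mail server on OPT1

# Inbound NAT: (public IP, protocol, port) -> internal host
INBOUND = {(SECOND_IP, "tcp", 25): MAIL_SERVER,
           (SECOND_IP, "tcp", 80): "192.168.2.20"}

# Outbound NAT, evaluated top-down, first match wins (assumption of this model).
OUTBOUND = [("192.168.2.10/32", SECOND_IP),   # mail server -> second IP
            ("0.0.0.0/0", WAN_IP)]            # everything else -> WAN IP


def translate_inbound(dst_ip, proto, port, server_nat=(SECOND_IP,)):
    """Return the internal host for an inbound connection, or None if dropped."""
    if dst_ip != WAN_IP and dst_ip not in server_nat:
        return None  # firewall does not answer for this address
    return INBOUND.get((dst_ip, proto, port))


def translate_outbound(src_ip, rules=OUTBOUND):
    """Return the public source address a connection from src_ip leaves with."""
    addr = ipaddress.ip_address(src_ip)
    for network, public_ip in rules:
        if addr in ipaddress.ip_network(network):
            return public_ip
    return None  # no rule matched: traffic is not translated


def audit(rules=OUTBOUND):
    """List misconfigurations that would break the mail server's reverse DNS."""
    problems = []
    egress = translate_outbound(MAIL_SERVER, rules)
    if egress != SECOND_IP:
        problems.append(f"mail server egresses from {egress}, not {SECOND_IP}")
    if translate_inbound(SECOND_IP, "tcp", 25) != MAIL_SERVER:
        problems.append("tcp/25 on the second IP does not reach the mail server")
    return problems


if __name__ == "__main__":
    print(audit() or "ok")
    print(audit(list(reversed(OUTBOUND))))  # catch-all first shadows the mail rule
```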