 
 From:  "Aaron with Morad" <aaronc at morad dot ab dot ca>
 To:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Routed IP Block - Uses
 Date:  Thu, 5 Jan 2006 08:00:22 -0700
>On 1/4/06, Aaron with Morad <aaronc at morad dot ab dot ca> wrote:
>> Perhaps not related to m0n0wall but I thought I'd ask here first, many of 
>> you know a lot more about networking than I do.
>>
>> My service provider has given me a /30 interconnect address for my
>> router/firewall.  They have also routed a /27 block of IPs to me.
>> Currently I use NAT and run private addressing behind m0n0wall (1-1 for
>> some clients and Outbound for different WISP sites that I operate).  Is
>> there a way to use the /27 block behind m0n0?  Set up some kind of a
>> bridge using the /27 and not have it NATed to clients behind m0n0?  I
>> would like to give a client a public IP (from the /27) but still monitor
>> / filter traffic and access while not using NAT.
>>


On January 04, 2006 7:10PM, "Chris Buechler" <cbuechler at gmail dot com> wrote:
>With a routed block, you probably want to put it off its own interface
>on m0n0wall.  Give m0n0wall one of the IPs out of the /27 on that
>interface, and use the rest for public IP'ed machines.

>If you want to keep all the machines on the same interface, you should
>be able to use 1:1 NAT to machines on the private network.

>-Chris


Thanks Chris.  If I understand right I could take my OPT interface, use one 
of the /27 as its address.  Then use that as the gateway for the public 
addressed machines.  How, then, can I use the 1:1 NAT for the privates on 
the same interface?  Wouldn't I need another IP in the interface for the 
private gateway?  Also, won't the public machines still be NATed back to the 
WAN address of m0n0?

Maybe I don't understand right?

Aaron