>On 1/4/06, Aaron with Morad <aaronc at morad dot ab dot ca> wrote:
>> Perhaps not related to m0n0wall but I thought I'd ask here first, many of
>> you know a lot more about networking than I do.
>> My service provider has given me a /30 interconnect address for my
>> router/firewall. They have also routed a /27 block of IP's to me.
>> Currently I use NAT and run private >>addressing behind m0n0wall (1-1 for
>> some clients and Outbound for different WISP sites that I operate). Is
>> there a way to use the /27 block behind m0n0? Set up some kind of a
>> >>bridge using the /27 and not have it NATed to clients behind m0n0? I
>> would like to give a client a public IP (from the /27) but still monitor
>> / filter traffic and access while not using >NAT.
On January 04, 2006 7:10PM, Chris Buechler" <cbuechler at gmail dot com> wrote:
>With a routed block, you probably want to put it off its own interface
>on m0n0wall. Give m0n0wall one of the IP's out of the /27 on that
>interface, and use the rest for public IP'ed machines.
>If you want to keep all the machines on the same interface, you should
>be able to use 1:1 NAT to machines on the private network.
Thanks Chris. If I understand right I could take my OPT interface, use one
of the /27 as it's address. Then use that as the gateway for the public
addressed machines. How, then, can I use the 1:1 NAT for the privates on
the same interface? Wouldn't I need another IP in the interface for the
private gateway? Also, won't the public machines still be NATed back to the
WAN address of m0n0?
Maybe I don't understand right?