[ previous ] [ next ] [ threads ]
 
 From:  KnightMB <knightmb at knightmb dot dyndns dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Help on which NAT to choose
 Date:  Thu, 09 Mar 2006 11:14:29 -0600
If they use 1:1 NAT then the outbound connections will still show up as 
the main WAN of m0n0wall.  If you need the outbound connection IP to 
match the inbound connection IP you'll have to use the Advanced Outbound 
NAT features to ensure 2 way flow to the WAN address.  That snagged me 
on 1:1 a while ago when I wanted a machine to behave like it was alone 
on the Internet with a WAN address.

Lee Sharp wrote:
> From: "Andrea Gangini" <a dot gangini at mimesi dot com>
>
>> I've tested monowall in a simple configuration and I found it very 
>> complete and robust; so I want to migrate the firewall (ipcop based) 
>> of our company to monowall.
>> However I could'nt understand how to replicate a simple ipcop 
>> feature, which is that the firewall must have multiple WAN ips, each 
>> with its own port forward rules. In ipcop this feature is called 
>> "network alias". The internal network is NATted on a single WAN ip 
>> (all outbound requests originate from the same IP).
>
> You need 1:1 NAT and Proxy Arp.  
> http://192.168.1.1/firewall_nat_1to1.php and 
> http://192.168.1.1/services_proxyarp.php  The first does the NAT, and 
> the second allows the m0n0wall to advertise the IP address.
>
>                        Lee
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>