|
||||||||
On 3/31/06, JP Aubineau <jp at netechnica dot com> wrote: > > Onto the hard part (or at least what I cant figure out!): > > I have a block of public IP's (/29 subnet) of which I would like to assign > individual IP's to specific VLAN's (assuming via NAT); These IP's would > essentially be the public gateways for each VLAN (there are several hosts > in each LAN network that I plan to port forward services to, so a 1:1 host > NAT wouldnt work AFAIK). Some of the VLAN's would share a public IP [is > this possible?], as I am limited to only a /29 block of IP's. > this is all possible. I'll assume that everything works fine now, but it is all getting NAT'ed to the WAN interface's IP address. That a safe assumption? If not, there are other issues to iron out before attempting this outbound NAT configuration. First, go to the NAT screen, and the Outbound tab. Check the enable advanced outbound NAT box and hit Save. At this point your Internet connection will stop functioning because you won't have NAT at all anymore. You need to then hit the + on that page, and add a NAT rule for each subnet. I'll give you a couple examples of the rules you need, and you can figure out what the rest of them will be from that. > > LAN_0, DMZ = xxx.xxx.xxx.34 Outbound NAT screen: interface: WAN source: 192.168.8.0/24 destination: any target: xxx.xxx.xxx.34 > LAN_1: = xxx.xxx.xxx.35 Outbound NAT screen: interface: WAN source: 192.168.10.0/24 destination: any target: xxx.xxx.xxx.35 you get the idea. set up all those rules and everything should work properly. you can go to www.whatismyip.com from a machine on each VLAN to verify your configuration. -Chris |