Re: FW: [m0n0wall] Question re static IPs and DHCP

From:	"Chris Buechler" <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: FW: [m0n0wall] Question re static IPs and DHCP
Date:	Wed, 3 May 2006 12:26:37 -0400

On 5/3/06, Scott Karch <scott dot k at facilitywiz dot com> wrote:
> Thanks for the information. Our new switches support VLANs but I'm not ready
> to implement that yet. I'd rather not use 1:1 NAT for DNS reasons ( I want
> us to be able to resolve to the same DNS names as the outside world ). What
> is a way to get this to work with all computers on the c Class. Does this
> make sense...
> WAN-IP  64.x.x.1
> LAN-IP  64.x.x.2
> DHCP    64.x.x.230-250
> servers all have 64.x.x.3-229
>

With that, your WAN and LAN will be on the same subnet.  That won't
work (a single subnet can only be on one side of any firewall).

Ideally, if you're going to use a /24 on one of your interfaces,
you'll also get a /30 from your ISP for your WAN, and your ISP will
route that /24 to your WAN IP.

You'll also need to disable NAT (see the FAQ).

-Chris