Re: [m0n0wall] Question about m0n0wall feature

From:	Peter Allgeyer <allgeyer at web dot de>
To:	m0n0wall at lists dot m0n0 dot ch
Cc:	fisch at conne dash island dot de
Subject:	Re: [m0n0wall] Question about m0n0wall feature
Date:	Sat, 24 Jan 2004 18:29:34 +0100

Hi fisch!

On Sat, Jan 24, 2004 at 05:42:51PM +0100, fisch wrote:
> I have a question about m0n0wall. Is it possible to handle multiple
> static
> WAN-IP's and forward them to different servers in a DMZ?

Why not? Assume an external network 62.112.113.32/29 with:

62.112.113.32    network
62.112.113.39    broadcast
62.112.113.33    internet router
62.112.113.38    firewall

Now you can make a 1:1 NAT to addresses in your DMZ or LAN for IP
addresses 62.112.113.34 to 62.112.113.37.

For example assume your DMZ net is 192.168.129.0/26:
192.168.129.0    network
192.168.129.63   broadcast
192.168.129.62   firewall 

192.168.129.4 <--> 62.112.113.34
192.168.129.5 <--> 62.112.113.35
192.168.129.6 <--> 62.112.113.36
192.168.129.7 <--> 62.112.113.37

I think that Proxy ARP is done automatically by m0n0wall.

Ciao ...
        ... PIT ...

---------------------------------------------------------------------------
 copyleft(c) by |   _-_     And Bruce is effectively building BruceIX  --
 Peter Allgeyer | 0(o_o)0   Alan Cox
---------------oOO--(_)--OOo-----------------------------------------------