|
||||||||||
Thanks for the help. Currently, I only have the /24 for my use. Can I still 1:1 NAT or do I need one additional IP address for the WAN port of the M0n0wall? Can I use 67.x.x.2 for the WAN port? I'm already using 67.x.x.1 on the DSU/CSU. Will using .1 and .2 cause any problems with the 1:1 NAT? Just curious since the whole /24 won't really be 1:1 NAT. I don't know of any other IPs to be used outside the firewall. Scott Karch Facility Wizards Software scott at facilitywizards dot com 773-832-0200 x1102 773-832-0202 fax http://www.facilitywizards.com * Simple * Powerful * Flexible * -----Original Message----- From: Chris Buechler [mailto:cbuechler at gmail dot com] Sent: Thursday, June 29, 2006 1:26 PM Cc: m0n0wall at lists dot m0n0 dot ch Subject: Re: [m0n0wall] Help with layout.... On 6/29/06, Scott Karch <scott dot k at facilitywiz dot com> wrote: > > We have a /24 ( 255 IP addresses ) > I want to 1:1 NAT the entire subnet to a 10.0.1.x in case we ever move I > only need to change thr NAT and DNS, not every server. What is the best way > to 1:1 NAT these? Do I need 255 NAT entries? > Use 1:1 NAT to NAT the public /24 to the private /24 and enable proxy ARP for the public /24. BGP is inconsequential to this firewall setup. -Chris --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |