[ previous ] [ next ] [ threads ]
 
 From:  "Bob Young" <bob at lavamail dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  1:1 NAT or M0n0 in bridge ?
 Date:  Mon, 03 Sep 2007 23:41:41 -0400
Let's say I have the following setup, and a customer, who wants a public
static IP, is connected to M0n0wall, by a PTP wireless system.

Internet > M0n0wall (with 1:1 NATing) > PTP wireless system > customer
router (NATed with private static IP on wan) > switch > rest of customer
network

Just think of the bridged wireless system, as a long Ethernet cable.

I understand that with 1:1 NATing, the customer would have a private static
IP address on the WAN port of his router.and I would have to configure a
public static IP in the 1:1 NATing section of my M0n0wall. 

Wouldn't this 1:1 NATing allow the customer to remote into his network, just
the same as if the my M0n0wall was in bridge mode and the customer had a
public static IP address on the WAN port of his router?

But, I have heard that some applications on the customer's computer (that he
might try to access remotely.maybe via VPN), may not work properly, unless
the WAN port of the customer's router actually had a public static IP
address. I'm not sure how true that is.   I hope it isn't true, since it
seems that 1:1 NAT would be better then operating my M0n0wall in bridge
mode.

So I could use some comments on this.

I would think that 1:1 NATing would even have some advantages, such as the
inherent security of NAT.

Thanks for any comments on this.