[ previous ] [ next ] [ threads ]
 
 From:  "Jason P Jones" <jjones at integracon dot com>
 To:  "'David Cook'" <david dot cook at jetpress dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] IP aliases on external interface
 Date:  Thu, 19 Feb 2004 03:06:56 -0500
Wouldn't this be a simple addition to the GUI for static IP configuration? I
would think that this is a fairly common scenario for firewall users in the
class that would look to M0n0wall.

Jason P Jones
MCSE+I,MCT,CCNA,LCP,CCA,CNA,CIWA,INET+,Network+,A+
Integracon Technologies
865.382.7400  

-----Original Message-----
From: David Cook [mailto:david dot cook at jetpress dot com] 
Sent: Thursday, February 19, 2004 3:03 AM
To: 'm0n0wall at lists dot m0n0 dot ch'
Subject: RE: [m0n0wall] IP aliases on external interface


Hi Jason,

Yes this is supported. You need to use Proxy ARP so that m0n0wall sends ARP
replies on the WAN interface for IP addresses other than that specified in
the WAN configuration. This is in effect 'binding' the multiple IPs to the
WAN interface.

Once additional IPs are configured in Proxy ARP then they can be used for
NAT, either Inbound, Server NAT, 1:1 or Outbound. If you want to use Inbound
NATing based on ports, don't forget that any IP address other than that
specified in the WAN configuration needs to be configured in Server NAT.

Bridging is only really appropriate if you want to assign IP addresses from
the network on your WAN interface directly to hosts behind m0n0wall.


>-----Original Message-----
>From: Jason P Jones [mailto:jjones at integracon dot com]
>Sent: 19 February 2004 07:44
>To: m0n0wall at lists dot m0n0 dot ch
>Subject: [m0n0wall] IP aliases on external interface
>
>
>Are IP aliases (allowing multiple IP's bound to external
>interface) planned
>in the future. I know that you can bridge a DMZ interface- but that's a
>hack/kludge- not what I'm asking). I have several situations 
>where 2-5 IP's
>may be bound to external interfaces with ports being forwarded from
>different external IP's to different internal hosts- EG.
>X.X.X.5:80-->192.168.1.7:80 and X.X.X.5:80-->192.168.1.8:80 - 
>etc. etc..
>And this would open up a couple of new installs for m0n0wall 
>in these cases
>for these networks.
>
>Thanks!
>
>Jason P Jones
>MCSE+I,MCT,CCNA,LCP,CCA,CNA,CIWA,INET+,Network+,A+
>Integracon Technologies
>865.382.7400
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>_______________________________________________________________
>_________
>This e-mail has been scanned for all viruses by Star Internet. The
>service is powered by MessageLabs. For more information on a proactive
>anti-virus service working around the clock, around the globe, visit:
>http://www.star.net.uk
>_______________________________________________________________
>_________
>

JET PRESS LIMITED
Nunn Close
Huthwaite
Nottinghamshire
NG17 2HW
UK

Web:	www.jetpress.com
Tel:	+44-1623-551 800
Fax: 	+44-1623-551 175


Confidentiality Notice 
This message and its contents are confidential.  The contents are solely for
the attention of the recipient(s) named above and any unauthorised
disclosure, copying or distribution is forbidden.  If you are not the
recipient named above, please contact the sender immediately and destroy
this message.  The views expressed in this message are those of the sender
and not necessarily those of JET PRESS LIMITED.

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch