[ previous ] [ next ] [ threads ]
 
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  jftheroux at privalodc dot com
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IP aliases on WAN interface
 Date:  Mon, 15 Mar 2004 20:58:03 +0100
On 15.03.2004 13:57 -0500, Jean-Francois Theroux wrote:

> If i add public IPs in the Server NAT section. Does that mean all
> those IP will be binded to the WAN interface? Would it be possible
> afterward to forward all traffic from one of those alias to a
> private IP behind?

If you have at least as many public IP addresses as servers, you can
simply use 1:1 NAT to map a private server IP address to a public IP
address in both directions. Otherwise (you've got fewer public IP
addresses than servers) you need to define the public IP addresses
you want to use on the Server NAT page and then use the incoming NAT
page to redirect the ports on each "Server NAT" address to the
desired servers.

In any case, this does not "bind" the public IP addresses you entered
on the 1:1 or Server NAT page to the WAN interface. If you have a
real subnet that is routed to you (i.e. your provider has a static
route for that subnet which points at your m0n0wall's WAN IP
address), you don't need to do anything. Otherwise (you don't have a
real subnet, just a few public IP addresses), you also have to use
proxy ARP to make m0n0wall reply ARP queries on WAN for these
addresses.

HTH,

Manuel