Friday, April 30, 2004, 2:00:49 PM, Jim Wells (jwells at networksisp dot com) wrote:

JW> I have searched the archives looking for an answer
JW> to allow the public IP addresses I have to be used
JW> on the lan side of the monowall. I have attempted
JW> many configurations from the archives without any
JW> success. I have a Sonicwall that allows me to do
JW> this however I wish to replace it with the monowall
JW> for many many good reasons. Can someone help me with
JW> either a copy of their configuration or something.
JW> Does anyone have a document witten up? I have been
JW> able to configure the monowall with the standard NAT
JW> setup with public to private IP as well as IP sec VPN

JW> The public IP confiig on the lan side config has me stumped :(
JW> I know my hardware is working.
JW> I am using the cdrom / floppy version 1.0 on a Celeron PC with 2 Network
JW> cards

JW> My setup is a DSL connection with a /29 routed to me. Example not the real
JW> IP's 208.41.106.248/29

JW> ISP
JW>  |
JW>  |
208.41.106.249--->> DSL
JW>   |
JW>   |
JW> 208.41.106.250 (WAN) M0N0WALL
JW>   |
JW>   |
JW> 208.41.106.251 (LAN) M0N0WALL
JW>   |
JW>   |
JW> SWITCH
JW>   |     |---------------------
JW>   |                                     |
JW> WEB SERVER   MAIL SERVER
JW> .252                        .253



JW> TIA
JW> Jim


Hi,

TBH I'm don't know if that configuration will work with m0n0wall, but
what I did with a similar /28 supplied by my ADSL ISP was to put in a
3rd NIC and set up a filtered bridge between the WAN and OPT1
interfaces sharing 1 static IP. (With the LAN interface having a
non-routable 10.x.x.x address simply to prevent access to it from
outside my LAN.)

Obviously that will require an extra NIC and I think that Filtered
Bridging is technically an unsupported option, but I've been surprised
at just how easy it was to set up and it's been running very happily
on an old Pentium 233 for the last 4 months or so.

Cheers

-- 
Paul Browning
matchstick at oofg dot com