----- Original Message -----
From: "Joe Lagreca" <lagreca at gmail dot com>
To: "sylikc" <sylikc at gmail dot com>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Thursday, August 05, 2004 3:13 PM
Subject: Re: [m0n0wall] HowTo multiple IP adresses on my WAN?
> Would it be possible to do a 1:1 like this: xxx.xxx.xxx.147/32 ->
> 192.168.1.90 ?
It should be
try using 1:1 or serverNAT for that ...
I'm not able to test it here because my wan conecction is adsl pppoe, so i
have only 1 valid IP.
> Once you create the mapping, how do you create rules to allow traffic
> to come in from these IP's? A specific example, just for testing,
> would be VNC. I want to pass 5900 from xxx.xxx.xxx.147 to
> 192.168.1.90. Would I just pass from the WAN, any source, source port
> 5900, destination 126.96.36.199, destination port 5900?
Use inbound NAT for that(never beta versions show you the varius
ips/interfaces you can use for inbound traffic: External Address field .. it
says: If you want this rule to apply to another IP address than the IP
address of the interface chosen above, select it here (you need to define IP
addresses on the Server NAT page first). ), and check the box to
automaticaly create the firewall rule for you.
> Also would it be possible for m0n0wall to act as a transparent bridge
> and filter the traffic that flows across it? So I could give a router
> on the other side of m0n0wall a public ip address that has been
> filtered by m0n0?
It still doesn't do that, I'm needing such a feature too.
> Thank you.
> On Wed, 4 Aug 2004 00:48:51 -0700, sylikc <sylikc at gmail dot com> wrote:
> > For example, if you had an internal server that would use 146-150, and
> > your internal subnet is 192.168.1.0/24, do a 1:1 mapping for
> > xxx.xxx.xxx.146/32 -> 192.168.1.146
> > xxx.xxx.xxx.147/32 -> 192.168.1.147
> > xxx.xxx.xxx.148/32 -> 192.168.1.148
> > xxx.xxx.xxx.149/32 -> 192.168.1.149
> > xxx.xxx.xxx.150/32 -> 192.168.1.150
> > I'm not necessarily sure if you could map them all to the exact same
> > address, but in the case that you can't, just bind your server to
> > those addresses if you want to use all those external IPs to hit the
> > same internal server.
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch