What is the difference between 1:1 and Server NAT?  Right now I am
trying to use 1:1, but have not been sucessful (that is not
representative that m0n0 doesnt work, just that I dont know what I'm
doing).  I'm trying to map all of my external IP's to my m0n0 and have
them point to internal IP's.

Joe


On Thu, 5 Aug 2004 15:58:15 -0300, Allan D. Piske <zyryz at terra dot com dot br> wrote:
> 
> ----- Original Message -----
> From: "Joe Lagreca" <lagreca at gmail dot com>
> To: "sylikc" <sylikc at gmail dot com>
> Cc: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Thursday, August 05, 2004 3:13 PM
> Subject: Re: [m0n0wall] HowTo multiple IP adresses on my WAN?
> 
> > Would it be possible to do a 1:1 like this: xxx.xxx.xxx.147/32 ->
> > 192.168.1.90   ?
> >
> It should be
> try using 1:1 or serverNAT for that ...
> I'm not able to test it here because my wan conecction is adsl pppoe, so i
> have only 1 valid IP.
> 
> > Once you create the mapping, how do you create rules to allow traffic
> > to come in from these IP's?  A specific example, just for testing,
> > would be VNC.  I want to pass 5900 from xxx.xxx.xxx.147 to
> > 192.168.1.90.  Would I just pass from the WAN, any source, source port
> > 5900, destination 66.146.190.147, destination port 5900?
> >
> Use inbound NAT for that(never beta versions show you the varius
> ips/interfaces you can use for inbound traffic: External Address field .. it
> says: If you want this rule to apply to another IP address than the IP
> address of the interface chosen above, select it here (you need to define IP
> addresses on the Server NAT page first).  ), and check the box to
> automaticaly create the firewall rule for you.
> 
> 
> > Also would it be possible for m0n0wall to act as a transparent bridge
> > and filter the traffic that flows across it?  So I could give a router
> > on the other side of m0n0wall a public ip address that has been
> > filtered by m0n0?
> It still doesn't do that, I'm needing such a feature too.
> >
> > Thank you.
> >
> > Joe
> >
> >
> > On Wed, 4 Aug 2004 00:48:51 -0700, sylikc <sylikc at gmail dot com> wrote:
> > > For example, if you had an internal server that would use 146-150, and
> > > your internal subnet is 192.168.1.0/24, do a 1:1 mapping for
> > > xxx.xxx.xxx.146/32 -> 192.168.1.146
> > > xxx.xxx.xxx.147/32 -> 192.168.1.147
> > > xxx.xxx.xxx.148/32 -> 192.168.1.148
> > > xxx.xxx.xxx.149/32 -> 192.168.1.149
> > > xxx.xxx.xxx.150/32 -> 192.168.1.150
> > >
> > > I'm not necessarily sure if you could map them all to the exact same
> > > address, but in the case that you can't, just bind your server to
> > > those addresses if you want to use all those external IPs to hit the
> > > same internal server.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>