Topic: Experience with m0n0wall and multiple WAN IPs?  (Read 1739 times)
« on: August 19, 2008, 22:18:34 »
jantman *
Posts: 16

I'm using m0n0wall in 4 locations and am very happy with it. Recently, I've decided to upgrade the connection at my main location to Optimum Business with 5 static IPs. In short, will m0n0wall handle this?

There's not going to be a 1:1 mapping between hosts and IPs - I'll have more than 5 hosts, not counting client-only machines.

I need to get the router/FW figured out before I get the new connection, as it's far too expensive to leave my current connection (FiOS) up and also pay for Optimum, at least for any extended period.

So...

1) How well does m0n0wall handle multiple static IPs on the WAN address?
2) I plan on using NAT for the clients (and I guess the servers, too). How well will this play with port forwarding, especially given multiple WAN IPs? Will m0n0wall even do this?
3) Is it possible to have outgoing traffic routed from specific IPs? i.e. outgoing from 192.168.1.1 goes out on x.y.z.a, traffic from 192.168.1.2 goes out on x.y.z.b, {...} and everything else goes out on x.y.z.e? (i.e. have outgoing from the servers routed from specific IPs, and have a catch-all for everything not specified as otherwise)?

Is there anything else that I'm missing?

I'm currently using m0n0wall on a dynamic (single IP) connection, and am happy with it. Essentially, I'd like everything to work as close to how it does now as possible, but have multiple IPs so that common services (HTTPS, mail, etc.) will reverse-validate, and work correctly.
« Reply #1 on: August 20, 2008, 10:37:48 »
markb ****
Posts: 331

Hi.
There are a couple of ways of doing this. Basically, your ISP is designating you a small segment with one of the IPs being used for your WAN. The first way of setting it up would be to add a DMZ network and bridge it with the WAN interface. The downside of this is that you have to use one of your IPs for the new interface. The other way is to use Proxy ARP, which essentially lets you have the multiple WAN addresses.

I have never had to do this myself so am not the best person to tell you the details, but have a search for the documentation of the above.
« Reply #2 on: September 25, 2008, 04:57:23 »
jantman *
Posts: 16

Anyone else??? I've been busy with other projects for a while, but am ready to move forward on this... and I really don't want to have to buy a Cisco box...
« Reply #3 on: September 25, 2008, 07:55:47 »
knightmb ****
Posts: 341

Quote
I'm using m0n0wall in 4 locations and am very happy with it. Recently, I've decided to upgrade the connection at my main location to Optimum Business with 5 static IPs. In short, will m0n0wall handle this?

I'm doing exactly this with 10 static IPs allocated from my ISP, works like a charm without any issues.
Quote
There's not going to be a 1:1 mapping between hosts and IPs - I'll have more than 5 hosts, not counting client-only machines.

I need to get the router/FW figured out before I get the new connection, as it's far too expensive to leave my current connection (FiOS) up and also pay for Optimum, at least for any extended period.

Basically, as long as your router (provided by the ISP?) supports a WAN range, m0n0wall should be easy to set up.
Quote
So...

1) How well does m0n0wall handle multiple static IPs on the WAN address?

Quite simply, your ISP equipment is a router/gateway for m0n0wall. So if they gave you 5 static IPs in the 55.55.55.5 to 10 range, the main m0n0wall WAN IP would be one of those, say 55.55.55.5 for example. Then the rest of them would just be extra ARP entries so that m0n0wall claims ownership for the 6, 7, 8, 9. The other one for 10 would be the gateway from the ISP (or it might be 4, check with them to make sure). So basically, your m0n0wall IP would be in that range along with their gateway.
Quote
2) I plan on using NAT for the clients (and I guess the servers, too). How well will this play with port forwarding, especially given multiple WAN IPs? Will m0n0wall even do this?

Yes, it does it quite well. You have two ways to achieve this: Server NAT and 1:1.
Server NAT allows you to forward ports from a static IP to multiple hosts (one to a web server, another to an e-mail server, for example). 1:1 is basically a DMZ of the entire static IP to a single client computer on the internal network.
Quote
3) Is it possible to have outgoing traffic routed from specific IPs? i.e. outgoing from 192.168.1.1 goes out on x.y.z.a, traffic from 192.168.1.2 goes out on x.y.z.b, {...} and everything else goes out on x.y.z.e? (i.e. have outgoing from the servers routed from specific IPs, and have a catch-all for everything not specified as otherwise)?

Yes, in the same area you have "Outbound NAT" which does exactly what you want.
Quote

Is there anything else that I'm missing?

I'm currently using m0n0wall on a dynamic (single IP) connection, and am happy with it. Essentially, I'd like everything to work as close to how it does now as possible, but have multiple IPs so that common services (HTTPS, mail, etc.) will reverse-validate, and work correctly.

The only thing missing is a big smile once you get it set up and realize that other companies charge a fortune for little routers that do the same thing, though in a more limited fashion than m0n0wall, which allows you to do everything possible for FREE.

Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
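
An added example, not part of the original thread or of m0n0wall itself: a small Python model of the outbound NAT plan discussed above (specific hosts leaving from specific static IPs, plus a catch-all), using the thread's example 55.55.55.5 to 10 range. It assumes top-to-bottom, first-match rule evaluation as a modelling choice, and the function names are hypothetical; it reports which addresses would need Proxy ARP entries and flags rules that use the gateway address or are shadowed by an earlier catch-all.

```python
import ipaddress as ip

# Constructed plan using the thread's example numbers (55.55.55.5-10).
WAN_IP = ip.ip_address("55.55.55.5")       # address on the WAN interface
GATEWAY = ip.ip_address("55.55.55.10")     # ISP gateway; never claim it
EXTRA_IPS = {ip.ip_address(f"55.55.55.{n}") for n in (6, 7, 8, 9)}

# (internal source network, external address), evaluated top to bottom.
# First-match ordering is an assumption of this model.
RULES = [
    ("192.168.1.1/32", "55.55.55.6"),
    ("192.168.1.2/32", "55.55.55.7"),
    ("192.168.1.0/24", "55.55.55.5"),      # catch-all for everything else
]

def parse(rules):
    return [(ip.ip_network(src), ip.ip_address(ext)) for src, ext in rules]

def egress_ip(rules, host):
    """External address the first matching rule gives to an internal host."""
    host = ip.ip_address(host)
    for src, ext in parse(rules):
        if host in src:
            return str(ext)
    return None  # no rule matched: host is not translated by this plan

def proxy_arp_needed(rules):
    """External addresses not on the interface itself, so they need an ARP entry."""
    return sorted({str(ext) for _, ext in parse(rules) if ext != WAN_IP})

def audit(rules):
    """List problems: unusable external addresses and shadowed rules."""
    problems, seen = [], []
    for src, ext in parse(rules):
        if ext == GATEWAY:
            problems.append(f"{src} -> {ext}: that is the ISP gateway")
        elif ext != WAN_IP and ext not in EXTRA_IPS:
            problems.append(f"{src} -> {ext}: not one of the assigned addresses")
        if any(src.subnet_of(earlier) for earlier in seen):
            problems.append(f"{src} -> {ext}: shadowed by an earlier, broader rule")
        seen.append(src)
    return problems

if __name__ == "__main__":
    for host in ("192.168.1.1", "192.168.1.2", "192.168.1.50"):
        print(host, "->", egress_ip(RULES, host))
    print("proxy ARP entries:", proxy_arp_needed(RULES))
    print("problems:", audit(RULES) or "none")
```

A shadowed server rule matters for the reverse-validation goal in the original question: the mail or HTTPS host would silently leave from the catch-all address instead of the one its DNS records point at.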