Example, adapted from a similar setup I'm running, as per my earlier thread in this section:
I have public IP addresses x.x.x.0 - x.x.x.32 (/27) using gateway x.x.x.1
WAN is x.x.x.2/30
OPT1 is x.x.x.17/28 (clients on OPT1 can be x.x.x.18 - x.x.x.30 using x.x.x.17 as gateway)
[You'll notice that this leaves a gap of unused addresses from x.x.x.4 -- x.x.x.15. This was necessary in my case because I only have the one subnet to work with. If you have any two separate subnets for WAN and OPT1, go for it.]
Create static route for OPT1 x.x.x.0/27 (/28 would make more sense to me, but my situation is a little different from this example and /28 didn't work, so I had to go with /27)
Firewall rules to allow traffic to/from OPT1 x.x.x.16/28
Advanced outbound NAT enabled with an entry for LAN subnet
Proxy arp on WAN for x.x.x.16/28 if necessary
db
|