News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  General Questions
linktree Topic: Additional subnet to use as WAN addresses
Pages: [1]
Topic: Additional subnet to use as WAN addresses  (Read 1271 times)
« on: October 02, 2012, 21:52:47 »
eddiefdz *
Posts: 6
Hello All,

I originally got a /27 subnet from my ISP to use on my monowall. Fast forward to now, 2 years later, i am about to run out of public addresses. I requested another /27 subnet from my provider and now i want to make use of those addresses on my monowall router. I asked the ISP to route that new /27 network to the existing WAN ip address of my monowall.

What do i do now if I want to make use of those new addresses on the monowall? Should i just be able to create a 1:1 nat as i have always done? I tried doing that, but it does not seem to work.

HELP!

Thanks,
Eddie
« Reply #1 on: October 03, 2012, 22:48:32 »
Јаневски ***
Posts: 153
Hello Eddie, in my opinion the best way of using routed subnet is by adding routed subnets not NAT.

Let me explain:
You have:
x.y.z.k/p - public m0n0 IP on WAN
m.n.o.p/27 - first static routed subnet to m0n0 IP DMZ1 on OPT1 (first usable IP)
q.w.e.r/27 - second static routed subnet to m0n0 IP DMZ2 on OPT2 (first usable IP)
192.168.0.1/24 - management on LAN
You need to do:


                                                                              [ISP router] ISP network
                                                                                      |ethx x.y.z.o/p
                                                                                      |
                                                                                      |
                                                                                      |eth0 x.y.z.k/p
DMZ2 network [switch]---------------- q.w.e.r/27 eth3[m0n0 router]eth2 m.n.o.p/27 ----------------[switch] DMZ1 network
                                                                                      |eth1 192.168.0.1/24
                                                                                      |
                                                                                      |
                                                                                      |eth0 192.168.0.254/24
                                                                         [management PC] LAN management network
« Last Edit: October 03, 2012, 22:54:21 by Јаневски »
http://janevski.net
« Reply #2 on: October 04, 2012, 03:55:36 »
gus *
Posts: 27
Is your existing WAN IP part of the original /27?

I think if you have a second /27 that are routed to your WAN IP, you need to set up Server NAT for each IP, I don't think there is a way to list a second /27 with one rule - unless you could get a /26

I had something like this set up on a mono box a couple years ago in the lab, but can't find my notes on it.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines