mudfish Posted November 15, 2007 Report Share Posted November 15, 2007 heres my network.i have an adsl modem connected to a linksys router.the router is then connected to a mandrake linux box.the linux box shares his internet to my lan(which has a firestarter firewall and squid running) eth1=router eth0=lan now my isp assigned me 6 public ip's.i want to distribute this 6 public ip's inside my lan i.e use their public ip addresses inside my network.it will be used for connecting to a remote vpn server(the vpn server does not accept multiple connections using only 1 ip address).any info on how to do that? or maybe some iptable rules for me to get going?is it possible? :mellow: Quote Link to comment Share on other sites More sharing options...
Dyslexic Posted November 15, 2007 Report Share Posted November 15, 2007 If you disable DHCP on the router and use it just as a switch, it should work the way you want. You may also have to switch it from gateway mode to router mode. I don't remember exactly how Linksys routers are configured. My prefered configuration is to put the switch behind the linux box rather than in front. (DSL -> Linux -> Switch -> Network) You'll probably want to manually assign those IPs to each box just to make sure they don't get switched around. Quote Link to comment Share on other sites More sharing options...
scarecrow Posted November 15, 2007 Report Share Posted November 15, 2007 Agree with Dyslexic- his proposed config makes more sense. Quote Link to comment Share on other sites More sharing options...
paul Posted November 16, 2007 Report Share Posted November 16, 2007 I'd load private IPs on the lan, and use proxy arp on the router to answer replies to the public IPs Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted November 16, 2007 Report Share Posted November 16, 2007 As paul said. Or use the public IP's on the firewall and nat them to the machine you want to use with it. Depending of course if your router/firewall can take more than one multiple public IP on it's WAN (internet-facing) interface. Quote Link to comment Share on other sites More sharing options...
mudfish Posted November 16, 2007 Author Report Share Posted November 16, 2007 As paul said. Or use the public IP's on the firewall and nat them to the machine you want to use with it. Depending of course if your router/firewall can take more than one multiple public IP on it's WAN (internet-facing) interface. i am not that good in networking especially when it comes to linux and. have read bout proxyarp and it seems too difficult for my brain to catch it up.i am looking for a much simpler solution.btw, my linksys model is rt31p2-na and it doesn't support 1:1 NATting. anybody can explain this code to me if this iptable rules really works on the firewall.it says it is 1:1 NATting ## Standard Stuff ## echo 1 > /proc/sys/net/ipv4/ip_forward iptables --table nat -A POSTROUTING -o eth0 -j SNAT --to $NAT_IP ## The 1:1 NAT stuff ## iptables -t nat -A PREROUTING -d $EXTERNAL_IP \ -j DNAT --to-destination $INTERNAL_IP iptables -t nat -A POSTROUTING -s $INTERNAL_IP \ -j SNAT --to-source $EXTERNAL_IP iptables -t nat -A POSTROUTING -s $INTERNAL_NET -d $INTERNAL_IP \ -j SNAT --to-source $NAT_IP Where $NAT_IP is the external IP of your firewall. The last rule is required if you want hosts on your internal net to be able to talk to that external IP as well. have found it at http://www.mybrainhurts.com/blog/2007/07/1...r-firewall.html thanks Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted November 16, 2007 Report Share Posted November 16, 2007 The linksys will allow you to do it through the web gui. Although I expect it can only assign one public IP. As long as you don't need to nat the sameport to different machines, then you'll be fine with using just one public ip. Quote Link to comment Share on other sites More sharing options...
mudfish Posted November 16, 2007 Author Report Share Posted November 16, 2007 The linksys will allow you to do it through the web gui. Although I expect it can only assign one public IP. As long as you don't need to nat the sameport to different machines, then you'll be fine with using just one public ip. hi.u mean it can be done in my linksys router even it has no 1:1 NAT feature.can you tell me how to do it? :) .i can send to you the pdf manual of my router. :) Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted November 16, 2007 Report Share Posted November 16, 2007 Providing you can assign public IP to WAN port. WHat model of router? We can check it. Quote Link to comment Share on other sites More sharing options...
mudfish Posted November 18, 2007 Author Report Share Posted November 18, 2007 Providing you can assign public IP to WAN port. WHat model of router? We can check it. sorry for the late reply ian.it's a linksys router model RT31PN-AN. attach is the pdf manual. rt31p2_ug.pdf Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted November 19, 2007 Report Share Posted November 19, 2007 OK, I'm on a training course right now, but I will check the manual and post back in a bit, unless someone beats me to it :) Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted December 14, 2007 Report Share Posted December 14, 2007 Sorry for late reply. I don't see it in the manual, but I'm pretty sure you can set a static IP address to the wan interface. This should be through the basic setup for adding the information for internet connection etc. I need to see how the ADSL modem side of things is configured as the router will be using this to connect to the internet. So, if you can find the screen on the webconfig for this and then take a screenshot and paste it here, we can then take a look at seeing how we can set the public IP. Then, once we have a static ip that the adsl router is using we just need to port forward to the machine you want to access. I need to see the screenshots from the webconfig so that we can see what to do next. Quote Link to comment Share on other sites More sharing options...
mudfish Posted January 8, 2008 Author Report Share Posted January 8, 2008 one of the linux gurus here in our place set it up using bridge utils? and proxyarp?.man, i dont know that stuff and the configs.he just added one nic to my gateway (i dunno how he set it up but it works..)i am still looking for a much simpler solution than the one he did.btw he remove the router and he connected the adsl modem to eth1,eth0 is the firewall ip and eth2 is the network bridge?!anyway thanks ianw1974 for the help. B) Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted January 11, 2008 Report Share Posted January 11, 2008 Yeah, that's the easiest way to do it. Although bridging doesn't necessarily need to be used. For example, you can have a machine with two network cards running Linux, or even one card and a USB ADSL modem if you don't have one to connect to the ethernet port. Install iptables for the firewall side of things, and then enable IP forwarding. Once iptables has been configured correctly, and the ppp stuff or whatever for connecting to the internet is done, then you have internet access using the public IP assigned to the ADSL modem. This might be similar to how he did it. At least this is how I would do it, but you could or should have been able to do it with the linksys also. Just maybe a little more trickier. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.