Jump to content

public ip inside my lan [solved]


mudfish
 Share

Recommended Posts

heres my network.i have an adsl modem connected to a linksys router.the router is then connected to a mandrake linux box.the linux box shares his internet to my lan(which has a firestarter firewall and squid running)

 

eth1=router

eth0=lan

 

now my isp assigned me 6 public ip's.i want to distribute this 6 public ip's inside my lan i.e use their public ip addresses inside my network.it will be used for connecting to a remote vpn server(the vpn server does not accept multiple connections using only 1 ip address).any info on how to do that? or maybe some iptable rules for me to get going?is it possible?

 

:mellow:

Link to comment
Share on other sites

If you disable DHCP on the router and use it just as a switch, it should work the way you want. You may also have to switch it from gateway mode to router mode. I don't remember exactly how Linksys routers are configured. My prefered configuration is to put the switch behind the linux box rather than in front. (DSL -> Linux -> Switch -> Network)

 

You'll probably want to manually assign those IPs to each box just to make sure they don't get switched around.

Link to comment
Share on other sites

As paul said. Or use the public IP's on the firewall and nat them to the machine you want to use with it. Depending of course if your router/firewall can take more than one multiple public IP on it's WAN (internet-facing) interface.

Link to comment
Share on other sites

As paul said. Or use the public IP's on the firewall and nat them to the machine you want to use with it. Depending of course if your router/firewall can take more than one multiple public IP on it's WAN (internet-facing) interface.

i am not that good in networking especially when it comes to linux and. have read bout proxyarp and it seems too difficult for my brain to catch it up.i am looking for a much simpler solution.btw, my linksys model is rt31p2-na and it doesn't support 1:1 NATting. :wall:

 

anybody can explain this code to me if this iptable rules really works on the firewall.it says it is 1:1 NATting

 

## Standard Stuff ##

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables --table nat -A POSTROUTING -o eth0 -j SNAT --to $NAT_IP

 

## The 1:1 NAT stuff ##

iptables -t nat -A PREROUTING -d $EXTERNAL_IP \

-j DNAT --to-destination $INTERNAL_IP

iptables -t nat -A POSTROUTING -s $INTERNAL_IP \

-j SNAT --to-source $EXTERNAL_IP

iptables -t nat -A POSTROUTING -s $INTERNAL_NET -d $INTERNAL_IP \

-j SNAT --to-source $NAT_IP

 

 

 

Where $NAT_IP is the external IP of your firewall. The last rule is required if you want hosts on your internal net to be able to talk to that external IP as well.

have found it at

http://www.mybrainhurts.com/blog/2007/07/1...r-firewall.html

 

 

thanks

Link to comment
Share on other sites

The linksys will allow you to do it through the web gui. Although I expect it can only assign one public IP. As long as you don't need to nat the sameport to different machines, then you'll be fine with using just one public ip.

Link to comment
Share on other sites

The linksys will allow you to do it through the web gui. Although I expect it can only assign one public IP. As long as you don't need to nat the sameport to different machines, then you'll be fine with using just one public ip.

hi.u mean it can be done in my linksys router even it has no 1:1 NAT feature.can you tell me how to do it? :) .i can send to you the pdf manual of my router. :)

Link to comment
Share on other sites

  • 4 weeks later...

Sorry for late reply. I don't see it in the manual, but I'm pretty sure you can set a static IP address to the wan interface. This should be through the basic setup for adding the information for internet connection etc.

 

I need to see how the ADSL modem side of things is configured as the router will be using this to connect to the internet. So, if you can find the screen on the webconfig for this and then take a screenshot and paste it here, we can then take a look at seeing how we can set the public IP. Then, once we have a static ip that the adsl router is using we just need to port forward to the machine you want to access.

 

I need to see the screenshots from the webconfig so that we can see what to do next.

Link to comment
Share on other sites

  • 4 weeks later...

one of the linux gurus here in our place set it up using bridge utils? and proxyarp?.man, i dont know that stuff and the configs.he just added one nic to my gateway (i dunno how he set it up but it works..)i am still looking for a much simpler solution than the one he did.btw he remove the router and he connected the adsl modem to eth1,eth0 is the firewall ip and eth2 is the network bridge?!anyway thanks ianw1974 for the help. B)

Link to comment
Share on other sites

Yeah, that's the easiest way to do it. Although bridging doesn't necessarily need to be used. For example, you can have a machine with two network cards running Linux, or even one card and a USB ADSL modem if you don't have one to connect to the ethernet port. Install iptables for the firewall side of things, and then enable IP forwarding. Once iptables has been configured correctly, and the ppp stuff or whatever for connecting to the internet is done, then you have internet access using the public IP assigned to the ADSL modem.

 

This might be similar to how he did it. At least this is how I would do it, but you could or should have been able to do it with the linksys also. Just maybe a little more trickier.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...