    I got this application running on computers behind my zeroshell box, but it needs to connect to the server from different external IPs (dunno what kind of id10t implemented it that way, but…)

    The thing is I have external IPs
    e.e.e.1 : e.e.e.6 and 5 workstations with internal IPs.
    I want each of them to use the corresponding external IP on the way out, and other computers on the net to use e.e.e.6.
    Most important is that I want them to be behind the NAT, I don't want the workstations to have external IPs!



    If I understood, you want a single interface to be assigned to several different IPs? And then NAT each IP to a different computer on your network, is that it?




    Why do you want to NAT the PCs?
    What you want is a firewall…


    You mean, to route the IPs and filter almost all traffic coming there? But then I cannot use the DHCP. The thing is that the machines are all on the local subnet, but when each makes a connection it uses a different external IP.

    I need to use DHCP, Samba, etc. on my private network, but the service provider has to think it is not this way.

    Pretty unusual, but secure and working well on another distribution, but the QoS, VPN and administration are arguments for zeroshell, pretty good arguments.


    I have a similar setup but instead of workstations with external IPs I have servers.

    How I set it up is to have three interfaces

    eth00/ppp00 = WAN
    eth01 = LAN
    eth02 = Server (public) Subnet

    The block of IP addresses I am assigned through PPPoE puts the gateway address for the ppp00 interface. Assign this same address to the eth02 interface and zeroshell will add an auto route to the routing table for the eth02 subnet.

    You can enable DHCP on the LAN and Public subnets if you wish (I have DHCP on the LAN and hand-code the servers)

    Enable NAT on both the ppp00 (or eth00 if you don’t use PPPoE) and the eth02 interface. This works for my setup because the eth02 interface is basically set up as a second mini-internet that only handles the subnet for the static block of IPs, everything else goes out the ppp00 interface.

    If there is a better way to do this that would allow me to map just ports from external addresses to internal (private) addresses that would be preferable. From what I can tell there is no mechanism for re-routing publicIP:port to privateIP:port, just Port to IP:Port

    Hope my setup is helpful, and if you know of a better way let me know.




    I’d like to be able to specify the public ip when setting up virtual servers so that I can have port 80 on each public ip go to different internal servers. Is that possible?



    As far as I can tell you can’t forward ports for individual ip addresses.

    I would like to do this as well.

    What you can do is set up a route for the servers using public IPs as above.

    However, on my network I have some servers that will never use certain ports. For example I have a web server that will never run VoIP, so if I could forward the ports for VoIP from that IP address to another server I could use the limited number of IP addresses more efficiently.

    Another huge limitation I have found on this software is that there is no way to easily forward a block of ports such as 5060-5070 or 10000-20000. The first block wouldn’t be so bad considering it is only 10 rules, but there is no way I’m going to sit and forward 10,000 ports one at a time.

    This is both a feature request and a realization that I need to go back to my previous firewall application until zeroshell is ready. I really like the software but it seems it is not ready for use in my situation.

    Good luck
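
Added example, not part of any post above and not Zeroshell's own configuration: on a plain Linux router, the per-workstation outbound addresses asked for in the first post and the per-public-IP port (and port range) forwarding asked for in the later posts correspond to iptables SNAT and DNAT rules. The interface name, LAN subnet and all addresses are assumptions (documentation ranges standing in for e.e.e.1 to e.e.e.6), and the script only prints the rules.

```shell
#!/bin/sh
# Constructed example: prints iptables rules, does not apply them.
# Assumptions: WAN interface and LAN subnet below; 203.0.113.x stands in
# for e.e.e.x. The public addresses must already be configured on (or
# routed to) the WAN interface.
WAN_IF="eth0"
LAN_NET="192.168.0.0/24"

# snat_rules DEFAULT_PUBLIC PRIVATE=PUBLIC...
# One SNAT rule per workstation, then a catch-all for the rest of the LAN.
snat_rules() {
    default_ip=$1
    shift
    for pair in "$@"; do
        case "$pair" in
            ?*=?*) ;;
            *) echo "bad mapping: $pair" >&2; return 1 ;;
        esac
        priv=${pair%%=*}
        pub=${pair#*=}
        echo "iptables -t nat -A POSTROUTING -o $WAN_IF -s $priv -j SNAT --to-source $pub"
    done
    # Rules match in order, so the catch-all must come last.
    echo "iptables -t nat -A POSTROUTING -o $WAN_IF -s $LAN_NET -j SNAT --to-source $default_ip"
}

# dnat_rule PUBLIC_IP PROTO PORT_OR_RANGE PRIVATE_IP
# Forwards one port or a first:last range arriving on one public address.
# With no port in --to-destination the destination port is kept.
dnat_rule() {
    echo "iptables -t nat -A PREROUTING -i $WAN_IF -d $1 -p $2 --dport $3 -j DNAT --to-destination $4"
}

# Constructed sample mappings.
snat_rules 203.0.113.6 \
    192.168.0.11=203.0.113.1 \
    192.168.0.12=203.0.113.2
dnat_rule 203.0.113.1 tcp 80 192.168.0.11
dnat_rule 203.0.113.2 tcp 80 192.168.0.12
dnat_rule 203.0.113.2 udp 10000:20000 192.168.0.12
```

The workstations keep their private addresses and DHCP; only the source address seen by the provider changes, and inbound traffic reaches a host only where a DNAT rule exists.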

