Wan Masq and Vlans

Forums Network Management ZeroShell Wan Masq and Vlans

  • This topic is empty.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #42101

    Hi Having real problems with passing static IP’s

    here’s the basic set up

    ETH02 & PPOE1 – Internet side with 16 static IP’s
    ETH00 – Lan side with sever vlans

    VLAN 12:
    on ETH00 add an external IP (78.xxx.xxx.xx2) to the vlan 12 to act as that gw address along with lan ip of
    in Post Script add the following code:
    route add -net 78.xxx.xxx.xx3 netmask gw
    Manually set the device with the static ip of 78.xxx.xxx.xx2

    VLAN 13:
    follow above but use next 2 WAN ip’s

    Vlan 14 :
    again as above but use next 2 WAN IP’s

    Now the problem is that traffic from VLAN 12 should now see a what is my IP as 78.xxx.xxx.xx3, vlan 13 as 78.xxx.xxx.xx5, and vlan 14 as 78.xxx.xxx.xx7

    However they all see what is my IP as 78.xxx.xxx.1 – the First WAN IP in the range.

    I’ve tried using some of the scripts in the forum but failing miserable with masquerading.

    this would look to me to be the most promising:
    iptables -t nat -I POSTROUTING –source 78.xxx.xxx.xx3 -j SNAT –to-source 78.xxx.xxx.xx3

    tried playnig around with the source to be the lan gateway ip of that vlan, the wan gateway ip of that vlan and the wan ip of the device on the end of that vlan.

    Nothing works – all traffic sees what is my ip as the very First WAN IP.

    this useually wouldn’t be problem other than i have a few remote backup servers that software checks its wan ip and then transfers data on this – and therefore getting lost and not working.




    I think you should do the following:

    1) Assign private IP’s on all the servers (, …).
    2) use the public IP’s in masquerade destination nat

    iptables -t nat -A PREROUTING -p tcp -d -j DNAT --to-destination

    Should be ok now.

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.