Our ISP assigned us 16 public IP addresses that we want to assign to hosts behind a Watchguard firebox x750e.
The IP addresses are: x.x.x.176/28 of which x.x.x.177 is the gateway.
The hosts will be running software that needs to be directly assigned the public IP address so 1:1 NAT is not an option.
I found this document that gives examples on how to assign public IP addresses to hosts behind the firewall, using an optional interface: http://www.watchguard.com/help/configuration-examples/public_IP_behind_XTM_configuration_example_(en-US).pdf
However, I can't implement scenario 1 as it won't allow me to use the same subnet on both interfaces. As for scenario 2, splitting the address range into 2 subnets will decrease the usable hosts on the optional interface to 5 (8 - network - broadcast - optional interface ip).
I'm convinced that there must be a better way to address this problem and maximize the number of usable IP addresses but I'm not very familiar with this specific firewall.
Are there any suggestions on how to keep the hosts behind the firewall with public IP addresses while maximizing the usable IP addresses?
thanks