2

we have a 5 public IP addresses. What we basically want to do is have a router(one single router) that will translate a static private IP so that it uses a static public IP(as in, NOT the gateway public IP)

Is this possible to do without multiple routers/nic cards(more than 2 nic cards)?

For example: say we have 3 computers 192.168.1.2-5 well we want for 192.168.1.3 to have the static public IP of ..*.1 where our gateway has *.6.

Basically, it would be setup so that whenever someone does a ping from the internet to ..*.1 it would come through the router and be routed to our computer 192.168.1.3. And also for all outgoing traffic from 192.168.1.3 it is marked as going out from ..*.1

Earlz
  • 969
  • 5
  • 12
  • 28
  • This is possible with most good routers. Specify your router model if you want to receive complete answers. – Max Alginin Dec 31 '09 at 17:25
  • well at the moment we have a crappy linksys WRT160Nv2... but we are willing to create a new router(from a computer) – Earlz Dec 31 '09 at 17:32

3 Answers3

1

As Kyle said, yes, this is possible depending on what you're using for your router. Since you didn't mention a specific model/technology, I'll assume you haven't chosen a router yet. In that case, I'll recommend Pfsense. It can run on a spare PC you have sitting around or altertatively, one of several low-voltage embedded platforms. PFSense is based on FreeBSD, and as such is free (beer) and free (speech).

In PFsense, you can set up "Virtual IPs" on the WAN interface - these can be natted through to the lan via 1:1 NAT or 1:N NAT, depending on what your needs are.

EEAA
  • 108,414
  • 18
  • 172
  • 242
  • hmm... very interesting.. I've never seen a distro like that... especially of a BSD... I'm going to try the live CD now.. – Earlz Dec 31 '09 at 18:01
0

This is possible to do as you describe, you will just need the right router software to do it.

The real question is whether or not your router is capable.

  • Can it be done with whatever supports NAT? Could you elaborate on what kind of software(*nix)? – Earlz Dec 31 '09 at 17:33
0

That feature is normally called "1 to 1 NAT". Look for that in the documentation of whatever routers you consider. Domestic routers don't normally have that feature, but any open-source or corporate grade router should be able to do it; all the BSDs and Linux have that feature in their kernels.

Personally, I'd use a Linux-based router with a recent Shorewall firewall package (you do want some security, right?), that can certainly do it. In fact, I just did that using a used server, with Ubuntu 9.10 and the latest Shorewall. OpenWRT should let you do it pretty inexpensively.

Andrew McGregor
  • 1,152
  • 7
  • 4