Actually the GNAT Box system software does allow multiple subnets on a single interface (we do this all the time here at GTA). Just use Alias screen to assign an ip to the interface. Make sure you assign the proper netmask. Normally when assigning aliases on the same subnet you must use 255.255.255.255, however when the ailas is on another subnet you need to use that subnet's netmask. The firewall will perform routine between the subnets.
IF1 PSN 192.168.100.1 255.255.255.0 Add an alias IF1 24.8.116.1 255.255.255.0 Now both 192.168.100.0 and 24.8.116.0 networks are on the IF1 interface. Defining one of these networks for Pass Through should be fine also. Paul > > >I don't think Gnatbox was designe dwith having multiple subnets on >the same interface, especially if one is passthrough while the other >is NAT. > >Chris Green > >>From: [EMAIL PROTECTED] >>To: [EMAIL PROTECTED] >>Subject: anyone run a similar setup? >>Date: Thu, 22 Nov 2001 02:49:02 -0600 >> >>--------------------- Attention ----------------------------- >>A digest version of this list is now available. >>Send email to [EMAIL PROTECTED], with the following message: >>subscribe gb-users-digest your_email_address >>Then unsubscribe from this list. >>------------------------------------------------------------- >>GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi >>Send postings to: [EMAIL PROTECTED] >>Access the list archives at: http://www.gnatbox.com/gb-users/ >>------------------------------------------------------------- >>Has anyone run a similar setup? >>This will probably be confusing but I will use x.x.x.x for fictitious >>public addresses and use the full address for the private ones. >> >>IF1 EXT x.x.1.1/24 >>IF2 PSN x.x.2.1/24 >> >>A route on the outside routes x.x.2.0/24 to x.x.1.1 >>x.x.2.0/24 defined as an IP Passthrough network. >> >>All the x.x.2.0 traffic basically doesn't use nat at all and filters >>are defined in the IP Passthrough filter section. >> >>Now the tricky part. Bind a private IP to IF2 say 192.168.1.1/24 >> >>So it now looks like. >> >>IF2 PSN x.x.2.1 and 192.168.1.1 >> >>The question is will the private addresses work fine using NAT on that >>same interface? >> >>...and before anyone even says it...yes it would be better to have an >>IF3 and put the private addresses there but that isn't the question. >>---------------------------------------------- >>To Unsubscribe: send mail to [EMAIL PROTECTED] >>with "unsubscribe gb-users your_email_address >>in the body of the message > > >_________________________________________________________________ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp > >---------------------------------------------- >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe gb-users your_email_address >in the body of the message --
