If you bind additional IPs to the Alias subnet do you revert to 255.255.255.255?
i.e. >IF1 PSN 192.168.100.1 255.255.255.0 > >Add an alias > >IF1 24.8.116.1 255.255.255.0 alias 192.168.100.2 255.255.255.255 alias 24.8.116.2 255.255.255.255 On Thu, 22 Nov 2001 14:30:39 -0500, you wrote: >--------------------- Attention ----------------------------- >A digest version of this list is now available. >Send email to [EMAIL PROTECTED], with the following message: >subscribe gb-users-digest your_email_address >Then unsubscribe from this list. >------------------------------------------------------------- >GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi >Send postings to: [EMAIL PROTECTED] >Access the list archives at: http://www.gnatbox.com/gb-users/ >------------------------------------------------------------- >Actually the GNAT Box system software does allow multiple subnets on >a single interface (we do this all the time here at GTA). Just use >Alias screen to assign an ip to the interface. Make sure you assign >the proper netmask. Normally when assigning aliases on the same >subnet you must use 255.255.255.255, however when the ailas is on >another subnet you need to use that subnet's netmask. The firewall >will perform routine between the subnets. > >IF1 PSN 192.168.100.1 255.255.255.0 > >Add an alias > >IF1 24.8.116.1 255.255.255.0 > >Now both 192.168.100.0 and 24.8.116.0 networks are on the IF1 interface. > >Defining one of these networks for Pass Through should be fine also. > >Paul > > >> >> >>I don't think Gnatbox was designe dwith having multiple subnets on >>the same interface, especially if one is passthrough while the other >>is NAT. >> >>Chris Green >> >>>From: [EMAIL PROTECTED] >>>To: [EMAIL PROTECTED] >>>Subject: anyone run a similar setup? >>>Date: Thu, 22 Nov 2001 02:49:02 -0600 >>> >>>--------------------- Attention ----------------------------- >>>A digest version of this list is now available. >>>Send email to [EMAIL PROTECTED], with the following message: >>>subscribe gb-users-digest your_email_address >>>Then unsubscribe from this list. >>>------------------------------------------------------------- >>>GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi >>>Send postings to: [EMAIL PROTECTED] >>>Access the list archives at: http://www.gnatbox.com/gb-users/ >>>------------------------------------------------------------- >>>Has anyone run a similar setup? >>>This will probably be confusing but I will use x.x.x.x for fictitious >>>public addresses and use the full address for the private ones. >>> >>>IF1 EXT x.x.1.1/24 >>>IF2 PSN x.x.2.1/24 >>> >>>A route on the outside routes x.x.2.0/24 to x.x.1.1 >>>x.x.2.0/24 defined as an IP Passthrough network. >>> >>>All the x.x.2.0 traffic basically doesn't use nat at all and filters >>>are defined in the IP Passthrough filter section. >>> >>>Now the tricky part. Bind a private IP to IF2 say 192.168.1.1/24 >>> >>>So it now looks like. >>> >>>IF2 PSN x.x.2.1 and 192.168.1.1 >>> >>>The question is will the private addresses work fine using NAT on that >>>same interface? >>> >>>...and before anyone even says it...yes it would be better to have an >>>IF3 and put the private addresses there but that isn't the question. >>>---------------------------------------------- >>>To Unsubscribe: send mail to [EMAIL PROTECTED] >>>with "unsubscribe gb-users your_email_address >>>in the body of the message >> >> >>_________________________________________________________________ >>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp >> >>---------------------------------------------- >>To Unsubscribe: send mail to [EMAIL PROTECTED] >>with "unsubscribe gb-users your_email_address >>in the body of the message
