1:1 or Virtual IPs?
Most of my vLans are being given a dedicated public/WAN IP address. I've just mapped them all as 1:1 NATs, but now I think I might need virtual IP settings instead.
Which is it?
On top of the 'dedicated WAN' addresses for the vLans, some will also need port forwarding set up - does this change which I should use?
Those are two entirely different things. And if you're using public IPs internally, neither apply. More than anyone can explain here, read http://pfsense.org/book
The setup is;
Bonded ADSL line in with about a dozen usable IP addresses.
About 18 internal vLans (which must be totally closed from each other - except for the fact that one, vLan64, has to be available from all the other vLans).
Most of the vLans will have a dedicated public IP address, but a few will have to share.
And I need to get this working today (it's 1220 here in England)!!