Add /29 block to single WAN with existing /30
-
existing WAN ip is in .252 and the new block is in .248
All routed to existing WAN IP by datacenter.
I have added a VIP and a 1:1 IP Alias on WAN /29 IP
(which I did not think was needed since the new block is routed to existing IP) none the less.Manual outbound NAT to WAN from LAN IP - source *; destination /29 IP ; dest port *; NAT port *;
Added Port forwards for HTTP from VIP to LAN IP
What am I missing here, I cannot get access from external IP in any sense.
Trying to accomplish static IP's to virtual machines on LAN.
-
Ended up using proxy arp to make it work. Not sure if this is the correct way to do this, none the less, unless someone has a better way ?
Thanks
-
I lie - I used IP Alias - the reboot is what made it come together.
Again though if anyone has a better approach I'm all ears.
Thanks
-
Well, you can bridge WAN and LAN … so you'll be able to assign routed IP to any intranet pc. Never tried this myself but I think it should work. There is a possibility that you'll lose some functionality but I'm not sure.
-
Well, you can bridge WAN and LAN … so you'll be able to assign routed IP to any intranet pc. Never tried this myself but I think it should work. There is a possibility that you'll lose some functionality but I'm not sure.
Thanks shields, not sure if I want to try something like this though. Keeping all ports and traffic separate is key here, as each IP points to a single container on one of various nodes. As it stand at the moment port holes are punched defined to a specific VM / node.
I just always look to insure not only usability / connectivity is there, but security and proper formation. As at some point soon I'll need to add a switch and separate with vlans, which attempting to bind such interfaces would be something not in my realm of sanity.
Thanks, Rick
