NAT to different Public IP's
Hi everyone,
I am getting a second internet connection into the office next week and will probably post how to use both at the same time using my Linux firewall(Ubuntu / Shorewall).
For now though, I am trying to accomplish this:
We have 5 static IP's and I have everything working. 1 IP bound to eth1 and the other 4 bound to virtual interfaces, eth1:1, etc.
I also have static NAT or 1-1 NAT on 3 of the virtual adapters going right to our hosting servers. This seems to work fine. I don't know if SNAT / 1-1 was the right way but I needed these servers to respond using the proper public IP I assigned the DNS to.
So, overall things seem to work fine for all traffic inbound.
What I am trying to do now is route some of our internal clients through my free public IP. I use Shorewall on Ubuntu 8.10 server if that matters.
So in my MASQ file I have eth0 going to eth1. This is allowing all computers on our 192.168.1.x subnet to access the internet.
I want to take a few of these clients and put those through the same eth1 interface but not using the eth1 IP. I want those few clients to use my free public IP. I tried adding a new MASQ rule above the default one and for the source I used my LAN IP and the Dest I chose eth1 and provided a specific public IP. This doesn't seem to work. Once I do this, I checked what my external IP was reporting as and it never changed. I tried different things in the MASQ file and it always reports the 1 IP bound to eth1.
Does anyone know what I need to do to have a few clients NAT on a different IP than the one bound to eth1?
The reason I am trying this is when I figured I'll need to know this when I get the second internet connection next week. Only a few clients on the same LAN subnet will be using this second connection. I am sure I'll have to post for help though. It doesn't seem simple.
Thanks for any help you can offer.
|