This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Nat with public addresses

hello

we have just changed the provider of the internet, he sent us addresses lan @ / 30 and wan @ / 30. the problem is how to do the Nat to connect to the internet with the public ip addresses provided by the provider internet.

Wé use sophos xg.

This thread was automatically locked due to age.

0 rfcat_vk over 7 years ago

Hi,

a /30 for internal will not give you many devices eg 2 only. If you need to match the internal to the external on a one for one basis you will need a full nat for each address and a seperate rule for each address.

That does seem like an odd allocation, are you sure they didn't give you a /28 for internal use which would be more realistic?

Ian
Cancel
Vote Up 0 Vote Down

Cancel
0 abdnour ouazzani over 7 years ago in reply to rfcat_vk

Hi.

Thank you for your answer.

for more details lan between Sophos and provider is / 30 one address that will be assigned to one of the sophos interfaces and the other is the gateway and for the wan (/ 30) so we have two addresses to use for the nat

I tried with cisco router and it worked and with Sophos xg I don't know how to do.

thank you
Cancel
Vote Up 0 Vote Down

Cancel
0 carbon15 over 7 years ago

You should find you can actually use all 4 IP addresses in the WAN range you've been given, add an alias on the interface that your internet connection is on - one for each WAN address with a /32 subnet mask and you'll be good to go.
Cancel
Vote Up 0 Vote Down

Cancel
0 carbon15 over 7 years ago in reply to rfcat_vk

It's a bit of ISP terminology being used, they consider the WAN to be the bit that connects the ISP router on site to the upstream router and the LAN part to range assigned to the customer side of that router (where they'd plug in their firewall). If you have a wires only service it's normal to get two ranges handed to you.
Cancel
Vote Up 0 Vote Down

Cancel