Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 28 subscribers
  • Views 3547 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Nat with public addresses

abdnour ouazzani

hello

we have just changed the provider of the internet, he sent us addresses lan @ / 30 and wan @ / 30. the problem is how to do the Nat to connect to the internet with the public ip addresses provided by the provider internet.

Wé use sophos xg.



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    a /30 for internal will not give you many devices eg 2 only. If you need to match the internal to the external on a one for one basis you will need a full nat for each address and a seperate rule for each address.

    That does seem like an odd allocation, are you sure they didn't give you a /28 for internal use which would be more realistic?

    Ian

Reply
  • 0

    Hi,

    a /30 for internal will not give you many devices eg 2 only. If you need to match the internal to the external on a one for one basis you will need a full nat for each address and a seperate rule for each address.

    That does seem like an odd allocation, are you sure they didn't give you a /28 for internal use which would be more realistic?

    Ian

Children
  • 0 in reply to rfcat_vk

    Hi.

    Thank you for your answer.

    for more details lan between Sophos and provider  is / 30 one address that will be assigned to one of the sophos interfaces and the other is the gateway and for the wan (/ 30) so we have two addresses to use for the nat

    I tried with cisco router and it worked and with Sophos xg I don't know how to do.

    thank you

  • 0 in reply to rfcat_vk

    It's a bit of ISP terminology being used, they consider the WAN to be the bit that connects the ISP router on site to the upstream router and the LAN part to range assigned to the customer side of that router (where they'd plug in their firewall). If you have a wires only service it's normal to get two ranges handed to you.