Necessity of MASQ when routing VLANs to WAN?

Hi everyone,

Sorry if my question is pretty simple, but I’ve tried figuring out the following and came to no clear conclusion.  

I do have an XG106 in Bridge mode since the ISP device I want to route into my network doesn’t offer bridging options.

Target is to route the Internet connection into four strictly separated VLANs, applying traffic shaping (and throttling) rules, while having a fifth network for admin.

Software is v18

My setup thus far is working, but I’m trying to figure out if my VLAN clients are subject to double NAT (and if it could be avoided).

Setup is as follows:

Port 2 of the XG is WAN, receiving its IP via DHCP from my ISP's gateway.

Port 1&3-4 of the XG are set up as br0, IP 192.168.x.y.

I’ve assigned four VLANs to this bridge, set up the respective DHCPs and assigned a NAT rule to each, including masquerading.

Members of br0 are receiving IPs from my ISP's gateway device DHCP, which means they are NATed by the gateway (which makes perfect sense).

My questions are these:

1. As the VLANs are assigned to interface br0, does this mean that their traffic is being passed from VLAN ID x (own IP range) via the VLAN gateway to its equivalent on br0 and from there being forwarded to the ISP gateway? (Which would imply double NATing, from VLAN to bridge to public IP)?

2. If so, is there a way to reach my target with only one NAT step?

Thanks... :/


