This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IP Alias Question

So...

If I have a x.x.x.14 / 29 subnet and I have no idea how anything is working. The current PIX firewall is configured to forward the following IPs:

x.x.x.15
x.x.x.16
x.x.x.17
x.x.x.18

...and a gateway of x.x.x.13. This is fine with me but none of the subnet calculators coincide with this math. Regardless, I am wondering how to configure my Astaro firewall.

1) Should I just add the interface with the x.x.x.14 / 29 IP address?
2) If so, do I then create an x.x.x.x / 32 alias for each IP (or will the #1 item do this implicitly)?

Any help is appreciated (I will buy you a pint if you can make this work).

This thread was automatically locked due to age.

0 BAlfson over 15 years ago

The Astaro really does make this pretty simple, but there's still a lot to know. We can give you some ideas, but, in a professional environment, I think it makes good economic sense to have your first Astaro installed by someone with experience. That said, here are a few thoughts.

If you have an internal mail server and plan to use the Astaro SMTP proxy (with or without mail security), then to the External interface, you should assign as the primary IP the address pointed to by the MX record in your authoritative name server.

For the other IPs, they may be assigned as 'Additional Addresses' on the External interface, and each should indeed be given /32. There is no default gateway assigned to an additional address.

For example, to make an internal web server available to the internet, you would create a NAT rule:
Traffic Source: Internet
Traffic Service: HTTP
Traffic Destination: External [{name of add'l address}] (Address)

NAT mode: DNAT (Destination)

Destination: {host name of internal IP of webserver}
Destination Service: {leave blank!}

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel