abhinaysinha
asked on
Using a linux router for public IPs
Hi,
I have a net connection which comes to me through LAN. I have got public IPs. The lan card is installed on Linux server for further distributing using NAT. The internal network of computers in my organisation are using private IPs.
I currently have 7 more public IPs left which I can use. My question is how can I add seven PCs in my network having public IPs through my Linux server, and also continue the NAT for the existing PCs with private IPs. Do I have to add another LAN card?
Also what will be better to use in my situation, Windows XP or Linux.
Thanx in advance
I have a net connection which comes to me through LAN. I have got public IPs. The lan card is installed on Linux server for further distributing using NAT. The internal network of computers in my organisation are using private IPs.
I currently have 7 more public IPs left which I can use. My question is how can I add seven PCs in my network having public IPs through my Linux server, and also continue the NAT for the existing PCs with private IPs. Do I have to add another LAN card?
Also what will be better to use in my situation, Windows XP or Linux.
Thanx in advance
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There will be no limitations
If you want limitations you can do this by netfilter-iptables
Regards
If you want limitations you can do this by netfilter-iptables
Regards
ASKER
Can this be done in windows XP?
Secondly, I am comfortable with ipchains. My knowledge about iptables is nil. can this be converted to ipchains?
Secondly, I am comfortable with ipchains. My knowledge about iptables is nil. can this be converted to ipchains?
This can NOT be done by windows XP.
Ipchains scenario- not so good - this is not a full NAT solution
http://www.ox.compsoc.org.uk/~steve/portfw-2.2.html
$EXTIF=eth0
$INTLAN=192.168.0./24
ipchains -A forward -i $EXTIF -s $INTLAN -j MASQ
#PORTFORWARDING
#echo "Enabling IPPORTFW Redirection on the external LAN.."
#
# This will forward ALL port 80 traffic from the external IP address
# to port 80 on the 192.168.0.10 machine
#
PORTFWIP="192.168.0.10"
/usr/sbin/ipmasqadm portfw -f
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 80 -R $PORTFWIP 80
Use iptables , ipchains and 2.2 kernels are obsolete
Ipchains scenario- not so good - this is not a full NAT solution
http://www.ox.compsoc.org.uk/~steve/portfw-2.2.html
$EXTIF=eth0
$INTLAN=192.168.0./24
ipchains -A forward -i $EXTIF -s $INTLAN -j MASQ
#PORTFORWARDING
#echo "Enabling IPPORTFW Redirection on the external LAN.."
#
# This will forward ALL port 80 traffic from the external IP address
# to port 80 on the 192.168.0.10 machine
#
PORTFWIP="192.168.0.10"
/usr/sbin/ipmasqadm portfw -f
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 80 -R $PORTFWIP 80
Use iptables , ipchains and 2.2 kernels are obsolete
ASKER