At 10:19 AM 1/12/02 -0800, nit etc wrote: >I have DSL thru Verizon, and their DHCP server >provides more than one IP address, so I can have more >than one computer on DSL with real IP addresses.
Two ways I can think of off-hand: 1. Just set your firwall up to use proxy ARP instead of ip masquerade. Then (assuming your ISP gives you static IPs) you can just tell the machines on your LAN what address(es) to use. You will need an IP for your firewall plus 1 IP for each machine in your LAN (probably best if you get a contiguous block so you can have an internal netmask). You can use the same address for both NICs in your firewall machine, but it's probably easier to give it two IP addresses. 2. If you can't get a block of addresses, or can't get enough addresses for our whole LAN then you might be best off setting your firewall up to do full NAT, and assign "outside" addresses to your internal machines on demand. Have a look at http://netfilter.samba.org/documentation/HOWTO//NAT-HOWTO.html for more details. This is fairly complicated to do, but a lot of ISPs are using it (not necessarily through Linux). In order for either of these to work you will have to be able to talk your ISP into assigning all your IP's to a single MAC address (the external NIC on your firewall). Also I don't think it is possible to have multiple DHCP leases for the same NIC, so you will probably need static IP assignment. -- Who is this General Failure, and why is he reading my hard disk? _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list