Re: ADSL Modem/Router Question

From: Stalks (sorry_at_dont.want.spam.tv)
Date: 05/18/04


Date: Tue, 18 May 2004 12:51:00 +0100

Keith wrote:

> Hope someone can advise me here.
>
> I have a client who has specific needs that the cheap ADSL Modem (Zoom X5)
> he has purchased won't service. I am familiar with Cisco kit but he doesn't
> want to spend Cisco money.
>
> Can someone tell me if there is any lower-end kit which will do the
> following:
>
> His ADSL has a block of 4 Static public IP addresses (only 2 are useable -
> .233 and .234).
>
> .233 is assigned to the modem/router, the other is for a web server.
>
> The modem/router needs to give him the ability to have a working internal
> (private) lan which can use the internet, but also allow his web server to
> accept traffic to the .234 address (on specific ports - 80, 443, 3892, 5631,
> 5632).
>
> I guess what I am asking (if the above doesn't make sense) is are there any
> modems/routers that will accept two static public IP addresses, allow a
> device on that private LAN to have a static public IP and allow forwarding
> of ports to that devide. As well as this, the internal LAN needs to be
> natable so it can utilise this ADSL circuit.
>
> An additional requirement (though not essential) would be the ability to VPN
> into the private LAN from the www.
>
> Sorry if this doesn't make sense (it does in my head while I am writing it).
>
>

I have a Zoom x3 (similar model, but I think the x5 has a built-in
switch and usb support?). I had the same problem when it came to me
choosing a new ISP, I went from the all too familiar single-IP and NAT
setup, to a new block of 8 IP's.

While researching for the most cost effective solution, I found that all
of the consumer model ADSL Modem/Routers are unable to effectively
integrate a NAT setup with multiple IPs. The only models that were able
to do this were rediculously expensive for home-use.

The way I ended up setting this up was to purchase an old ShortForFactor
Pentium2, insert 3 network cards, install Debian and setup a transparent
bridge using Netfilter/IPTables. I had never touched Linux in the past
and so was "jumping in the deep end" so to speak. Nevertheless after a
week I have now successfully bridged my networks togethor in a workable
solution. Typically named Red, Green and Orange as per firewall setups.
Red is the modem, Green is my internal LAN on a LAN subnet and Orange is
  my Win2k web server with a static public IP. The Debian box also
allows me to block ports, monitor traffic through SNMP and MRTG graphs,
runs as a mail server, and is along with the win2k box I now have 2 DNS
servers to fully control the domain for the network.

Altogethor I am very proud of what I accomplished with little or no
knowledge of linux and just google as my handbook. At the cost of a
refurbished Pentium 2 + a couple of network cards, totalling 35 (hurray
for ebay :)

Hope you find a similarly working solution for your clients setup.

Steve.