Hello,
I’m Fabrice and I am writing from Congo Brazzaville. I have a big problem with a range of addresses in /29. I can not assign a public IP address without NAT to a customer. I tried the 1 to 1 NAT, it works well. but the problem is that the customer wants to have public IP address configured directly on the router to operate its VPN. I know that I need a /30 that my ISP has to provide me. but I do not know how to operate it.
Please Please Please, i really need help.
cordially
So your router has a /30 on the ISP interface, and they are routing a /29 to you via this /30.
On your router’s interface facing the customer (e.g. ether2), set the ARP type to proxy-arp
Then create a static route gateway=a.b.c.X/32 dst=ether2
The customer will configure their equipment as a.b.c.X/29 with a.b.c.1 as the default GW. This will work just fine without NAT and you’ll be able to use the rest of your public IP addresses with NAT. (be careful that the NAT rules also NAT correctly if your other customers try to communicate with the public IP customer on ether2)