Hi all,
I have a CCR1016-12g that act as a router between ISP router and internal LAN.
I have a set of public IP addresses to assign to PCs in internal LAN, but not for all, just a subset. So there will be some PCs with internal IP (natted) and some PCs with public IP without NAT.
How can I accomplish this? It’s possible to do this with one RB?
There is someone can helps me?
I thank you all in advanceso much.
Tony
You should be able to do this with AddressLists. Create an address list of NATs and Not_NATs and when you see source act on it. Make the rules one right after the other and finally a drop after that and you’ll be golden.
Thank you pcunite for reply. I try and then I reply the result.
I solved this by creating bridge br1_WAN which connects eth_WAN and eth(s)_PUBLIC-IP (for computer with public IP) and second bridge br2_PRIVATE-IP (for computer with private IP, NATted).
Router routes/nates pakets between WAN (br1_WAN) and private LAN (br2_PRIVATE-IP).
Router switches packets between WAN (eth_WAN) and public LAN (eth_PUBLIC-IP).
Use IP firewall in bridge configuration allows you to secure computers with public ip.
You can bridge also VLAN with WAN and distribute public IP (WAN) to more PCs via smart switches, that support VLANs.