Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 16830 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

/29 Network - IP Addresses

Bards1888
Hi All,

First post so go easy please [:)]

Just about to cutover to a software UTM (free home edition) and was wondering if anyone knows how my IP addresses for ADSL connection will work. 

My ISP provides me a static WAN IP and also they route a /29 to me which the WAN IP is *not* part of.

Will I have to do anything special to NAT incoming services that were destined to any of the /29 addresses, like for example define them all individually as hosts and then choose them as the targets for the NAT rules ?

Any advice/help appreciated.

Cheers.


This thread was automatically locked due to age.
Parents
  • 0
    4444 & 4443 are listened for on every IP on every interface, but only 'Allowed networks' traffic is not blocked.  25 and 587 are listened for on all interfaces with a default gateway and on the interfaces where devices are allowed on the 'Relaying' tab, or on all if 'Transparent' is selected for the SMTP Proxy (I never recommend that).  Depending on the selection the port for SSL Remote Access may be listened for on all interfaces or just one.

    At the moment, I can't remember any other "special" services, so, yes, four DNATs on port 80 will work.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    4444 & 4443 are listened for on every IP on every interface, but only 'Allowed networks' traffic is not blocked.  25 and 587 are listened for on all interfaces with a default gateway and on the interfaces where devices are allowed on the 'Relaying' tab, or on all if 'Transparent' is selected for the SMTP Proxy (I never recommend that).  Depending on the selection the port for SSL Remote Access may be listened for on all interfaces or just one.

    At the moment, I can't remember any other "special" services, so, yes, four DNATs on port 80 will work.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    Can't thank you enough Grandis Professorem Astaro!

    Best Regards - HTG
    Frustrated Sophos Partner seeing all the things
    that brought me to Sophos slowly slip away.
    RIP astaro.org

  • 0 in reply to htguru
    Come to think of it I have one more followup question.

    When adding the additional IPs, since they need to be added one at a time would a netmask of /32 or /29 be correct?

    Best Regards - HTG
    Frustrated Sophos Partner seeing all the things
    that brought me to Sophos slowly slip away.
    RIP astaro.org

Unfiltered HTML