On Tue, 2009-11-24 at 11:25 -0800, Brian Buhrow wrote: > Hello. Each box has an internal and external address. > So, for example, I have two boxes: > 192.168.25.2 and 192.168.25.4 > Each have external addresses: > 157.22.25.2 and 17.22.25.4 > (These are theo See attached diagrams. I think your customer is very very confused about TCP/IP, but anyway. It _may_ work. It may. Or we could make it work. Just so long as: 1) The outbound NAT+PAT (this is important) address for internal client TCP connections to the WAN is a *DIFFERENT SOURCE WAN* address, such as the WAN IF, the CARP IF, or another IP (.99), in the WAN subnet, than that of the 1:1 mapping for the public->private address maps. You're essentially talking about double-NAT within the device, and some exotics POS routers may make that work (Sonicwall comes to mind) Tell the customer they can have anything they want, as long as they're willing to pay for it. ~BAS
Attachment:
cf_fucksticknetwork.png
Description: PNG image
Attachment:
cf_fucksticknetwork.dia
Description: application/dia-diagram
