Multiple WAN IPs - Can HyperWRT handle?

Discussion in 'HyperWRT Firmware' started by gopherhockey, Jan 26, 2007.

  1. gopherhockey

    gopherhockey LI Guru Member

    I apologize for my unfamiliarity with the HyperWRT (and other) firmwares and their capabilities, but I did some digging and thought I'd just post here.

    Can HyperWRT handle the assigning of multiple WAN IPs? And if so, can it handle port forwarding from multiple WAN IPs?

    For example, I have a block of 5 IPs from my ISP. Lets say

    Currently most if not all home or small business routers/gateways seem to handle just one WAN IP. Perhaps this is because most people don't have a need for more. I would suspect that there are some, like me, who have a block and a need to use them. Using multiple routers (as I posted about in a separate forum) can work, but also can be hard to manage internally with routing confusion.

    If I could get one device to handle multiple WAN IPs just like a real firewall would, this would solve a lot of problems.

    A real world example:

    I have on and on

    I want port 25 (smtp) to hit internal server while I want port 25 (smtp) to hit internal server

    Current rules assume one WAN IP and one only. What you assign for port forwarding all comes from that one IP.

    Firewalls such as Sidewinder give you the ability to say:

    WAN IP: X Reason: SMTP Port: 25 LAN IP: Y
    WAN IP: Y Reason.... etc.

    I'm just curious if any of the firmwares handle this. Of all that I have seen I was thinking HyperWRT might.
  2. frenchy2k1

    frenchy2k1 LI Guru Member

    Last I checked, you needed to place the computers associated with each IP in a separate DMZ. This way, you get different routing to each.

    I'll have to check again...
  3. mstombs

    mstombs Network Guru Member

    I know you can assign additional IPs on the WAN interface, I used to use this

    ifconfig vlan1:0 netmask

    to communicate with my cable modem.

    You can do anything with Linux, and Hyperwrt Thibor allows custom firewall rules so I'm pretty sure you could do what you want - if you know how.

    But if you have multiple IPs can't you turn off the firewall, assign static real IPs to your machines and turn the router into a gateway?
  4. gopherhockey

    gopherhockey LI Guru Member

    I could do this, but I have different ports going to different computers coming from the same WAN IP. (e.g. port 25 goes to Exchange, port 80 goes to web, remote access goes to my PC etc.)

    If I had enough WAN IPs I could do that, but I only have 5... so I really need to be able to do port forwarding vs. NAT of an entire IP.
  5. gopherhockey

    gopherhockey LI Guru Member

    It looks like I found a router that can do this using factory code. The Netopia 3387WG model has this standard. I'm surprised that linksys doesn't have one similar.

    This page tells exactly what I want:

    From the bottom of the page:

  6. Thibor

    Thibor Super Moderator Staff Member Member

    the feature you are looking for is called "One to One NAT" and a lot of routers actually have it, it's just that these home routers from Linksys don't. they aren't made for that.
  7. Press2Esc

    Press2Esc Guest

    For DSL (Bellsouth, AT&T, etc) ISPs, the netopia 3346 & 3347 (wireless) series works well with multiple static IPs.


  8. ifican

    ifican Network Guru Member

    Just about anything from any of the enterprise vendors will do what you want. Cisco is going to be the cheapest via ebay, though you can find several Juniper models at times reasonably priced.
  9. mstombs

    mstombs Network Guru Member

