T-1 With Multiple IPs

    I have a WRT54G connected to a T-1.

    With the T-1 came 10 IP addresses. -

    I have the WRT set to and it's working fine, I can get on the Internet.

    I have a webserver that I would like to have the external IP be But I would like to restrict which ports can connect to it. Basically, only ports 80 and 443 will work. Everything else will be ignored. This will just be for .3, I will need other "rules" for .2

    I also have another router behind the WRT. I would like to make the external IP of that router

    I would like all traffic going to to be able to access this router (bypassing any rules on the WRT).

    I tried setting the external IP address of the other router to, with the proper subnet and gateway, but was not able to get it to work. I am able to get it to work if I plug it directly into the T-1 router (bypassing the WRT, but also shutting it off). Do I need to do something on the WRT to allow it to use more external IP addresses behind it?
    Not asking too much of a simple SOHO router, are you? The easiest fix with flexibility will be to use a Cisco, NetScreen, Check Point or such that will give you all of those features as is. Now, can you make what you want work? Partially. If you are running 3rd party firmware you can add more addresses to the WAN interface via the command line of the router.

    While thinking about this: if you ran a switch between your internet and your network, you could run multiple routers with the WAN IP you want for each and then limit ports that way as well. Actually, I just thought of another way, but you will still need multiple routers, and can get into that later if need be.
    What's the terminating interface at your T1, a single Ethernet or what?

    As for your webserver... just use iptables and write your own rules (that is, if you're running Linux... you are serving off a Linux box, right? ;) )

    Outside that, I agree with the second paragraph of ificans' post... a simple gigabit switch, whether it be 3Com/Cisco, will suit your needs nicely and then you can go with multiple routers on the other side... kind of overkill, but it'll be "easy" to set up and configure.

    The only other alternative, as mentioned, is to go with a fully managed solution, which will undoubtedly cost much more.
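
The iptables approach suggested in the last reply, written out as an added example that is not part of any post in this thread: a generator for a host ruleset on the web server that accepts new connections only on the listed TCP ports and silently drops everything else. It assumes a Linux web server with iptables and the conntrack match; the function names `valid_port` and `gen_rules` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): emit an iptables-restore ruleset
# for the web server host. Assumes Linux with iptables and conntrack.
# Default policy is DROP, so anything not listed is ignored, including
# SSH; pass a management port as well if the host is administered remotely.

# valid_port PORT -> status 0 if PORT is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, leading zero, or non-digit
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# gen_rules PORT... -> prints the ruleset; fails with no output on bad input
gen_rules() {
    [ "$#" -gt 0 ] || { echo "usage: gen_rules PORT..." >&2; return 2; }
    # Validate every port before printing anything, so a partial
    # ruleset can never be piped into iptables-restore.
    for p in "$@"; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 2; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    # Local traffic and replies to connections the host already has open.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # New inbound connections are accepted only on the listed ports.
    for p in "$@"; do
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# The two ports named in the question.
gen_rules 80 443
```

Piping the output to `iptables-restore --test` parses the rules without committing them.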
