Let's say a person is assigned the following address block: 22.33.44.0 /29.
Set up is: Cisco router -> Fiber Connection -> Firewall (Watchguard, Sonicwall, pfsense etc) -> Servers (priv net)
With it 22.33.44.2 is assigned to the external interface of the gateway/firewall. Behind the router exists the arbitrary private network 10.1.0.0 /24 with various servers with 1:1 NAT statements set up in the firewall's config.
Under normal operating conditions the Cisco router shows the following in its ARP cache:
Internet 22.33.44.1 - aaaa.2222.cccc ARPA
Internet 22.33.44.2 4 4444.dddd.5555 ARPA
Internet 22.33.44.4 71 4444.dddd.5555 ARPA
Internet 22.33.44.5 7 4444.dddd.5555 ARPA
Internet 22.33.44.6 236 4444.dddd.5555 ARPA
22.33.44.1 is the gateway and aaaa.2222.cccc is the MAC of the router, no issue there.
However, 22.33.44.2 - 6 are all presented with the same MAC address (MAC address of the firewall's external interface). Preserving the topology and function of the 1:1 NAT, is there a technique used so that all public IPs are presented to the router with different MAC addresses? Goal is for the servers to remain behind the firewall but have a one IP per MAC public presence.
I've read some about proxy ARP and IP aliasing, but am unsure if either is relevant. This sort of network configuration is beyond what I typically do, so I'm rather ignorant of the specifics.
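The condition described in the post can be checked mechanically. The following is an added example, not part of the original post: it parses router ARP cache rows in the layout shown above and reports every MAC address that answers for more than one IP. The names `parse_arp` and `shared_macs` are hypothetical, and the sample rows are copied from the post.

```python
import ipaddress
import re
from collections import defaultdict

# Sample rows copied from the ARP cache shown in the post above.
SAMPLE_ARP = """\
Internet 22.33.44.1 - aaaa.2222.cccc ARPA
Internet 22.33.44.2 4 4444.dddd.5555 ARPA
Internet 22.33.44.4 71 4444.dddd.5555 ARPA
Internet 22.33.44.5 7 4444.dddd.5555 ARPA
Internet 22.33.44.6 236 4444.dddd.5555 ARPA
"""

# Protocol, address, age in minutes ("-" marks the router's own address),
# hardware address in Cisco dotted notation, encapsulation type.
ROW = re.compile(
    r"^Internet\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"(?P<age>-|\d+)\s+"
    r"(?P<mac>[0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\.[0-9a-fA-F]{4})\s+ARPA\b"
)

def parse_arp(text):
    """Return one dict per resolved ARP row; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header line, incomplete entry, or unrelated output
        ipaddress.ip_address(m["ip"])  # raises ValueError on e.g. 999.1.1.1
        age = None if m["age"] == "-" else int(m["age"])
        entries.append({"ip": m["ip"], "mac": m["mac"].lower(),
                        "age_min": age, "local": age is None})
    return entries

def shared_macs(entries):
    """Map each MAC that appears with more than one IP to its sorted IPs."""
    by_mac = defaultdict(set)
    for e in entries:
        by_mac[e["mac"]].add(e["ip"])
    return {mac: sorted(ips, key=ipaddress.ip_address)
            for mac, ips in by_mac.items() if len(ips) > 1}

if __name__ == "__main__":
    for mac, ips in shared_macs(parse_arp(SAMPLE_ARP)).items():
        print(f"{mac} answers for {len(ips)} addresses: {', '.join(ips)}")
```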