Another scenario that is common enough to warrant discussion is when you have one or more public IP addresses on an internal interface. In this scenario, you will have at least two public IP addresses: one for the WAN interface of your firewall, and another for the internal interface. More commonly, you might have an entire subnet allocated to you by your ISP, but the steps discussed here apply whether you are assigned a single IP address or a subnet. This configuration has four steps:
- WAN configuration
- Internal interface configuration
- Outbound NAT configuration
- Firewall rule configuration
As an example, assume that our ISP has assigned us several IPs: an IP for the ISP-provided router that is directly ...