Getting past *two* NAT routers
picarules "at" earthlink.net
Tue Jan 11 06:04:00 2005
>From: Angelo Sarto <angelosarto "at" gmail.com>
>Jumping in a little bit there is still one question I have....
>does your integrated device provide no firewall capability? I mean if
>the integrate device exposes its only interal IP (.1.2) completely to
No. The router portion of the ZyXEL exposes only the external IP;
I didn't think any 192.168.x.x addresses could even be seen except on
the LAN side of *any* router (as Alan states).
>If this is the case, or you can place that IP in the dmz, or bridge
>mode may do this as well, then perhaps your answer is simple.
>1. simply purchase an ethernet router - e.g. a dlink or linksys device.
>2. change its wan type to static IP
>3. assign it's ip to 192.168.1.2
>4. pretend your other device is just a modem, do all forwarding on
>the new router.
Alan, I don't see how this is any more "elegant" than what I've been doing all along. The Mac is already a true NAT router in and of itself, not a bridge. Its second NIC connects to a hub, and the rest of the LAN uses that interface's IP, 192.168.2.1, as the gateway.
"Elegant" would be eliminating one or the other router and its address translation. John's is the elegant solution--change the netmask simultaneously with the Size of Client IP pool, and attach the ZyXEL to the hub. This relieves the Mac of its need for a second NIC, reducing rather than increasing the hardware involved.
Thanks to everyone for sharing your knowledge. The only unanswered question is how one would talk to the device at all if it became a bridge. That one's for ZyXEL.