Tuesday, May 29, 2007

( MULTIPLE IPs - DMZ segments) - I have several EXTERNAL IP addresses that I want to PORTFW to several internal machines. How do I do this?

Though technically possible, DON'T do this with IP MASQ. There are far better solutions for this network design.
MASQ is a 1:Many NAT setup which is the incorrect tool to perform what you are looking for. You are looking for is either Many:Many NAT solution or a Briding setup.
