Gateway / Switch hybrid

router switch

Next week I'm getting a new internet connection installed. It comes with 5 static IP addresses by default.

Now, I would like to use some of these IPs on my systems. However, I have more than 5 devices to connect, so I would like to use NAT on one of the IP addresses.

I would like to know if there are devices available that function as a NAT gateway/router, while also functioning as a plain network switch. I have 3 physical locations where I want to connect devices on the wired network, as well as desired support for WLAN (ideally also integrated in the device I'm looking for)

Since I have a few existing cables running through my house, I would like to use those. Basically, I need a device that offers NAT, but is smart enough to properly route other traffic as well.

Note: the Juniper router is owned by my ISP and I'm not allowed to connect more than one device

Network Topology

I'm thinking this might just work out-of-box, but I haven't ever tried it. Thoughts?


What you are after is a Multi-Nat switch. Netgear ships the rather excellent FVS338 Firewall. It's a SPI Firewall + Multi-NAT + 8-port switch, as you can see from the description. The price is very affordable; under 200 USD on most locations.

The switch itself will assign one of your public static IP addresses to its WAN interface. Multi-Nat will then take hold of your remaining IP addresses (4 on your case), if you so wish, by NATing them to internal addresses and maintaining proper connections between NATs with the help of the firewall component. The firewall component is an essential part of this type of configuration and you can establish separate inbound rules to host multiple public IP address and associate those addresses with any local server.

Your drawing would work perfectly and it's basically all you need. That switch closest to your ISP router is what you want to replace with the FVS338.

Alternatively, you can go with a home-made recipe. If you can afford to dedicate an old computer to act as a firewall/switch, you can install Linux on it and use SmoothWall, with the SmoothHost module (which is precisely a multi-nat module). I'm thinking SmoothWall because it's a rather easy to configure firewall solution. But depending on your confidence level in Linux, there's plenty of other options. It remains however the idea that, other than buying an actual device, this can also be made in-house in an old computer.

Best of luck. And have fun!


What you are describing is called a One-to-One NAT. Your Static-IP boxes will be given local IP addresses, but depending on what router you have, you can route all traffic from your static IPs.

Here is an article and a forum post describing the process for setting up one-to-one NAT on a DD-WRT router. If your router is supported, you can install the DD-WRT firmware with no need for additional hardware.

Related

Temporarily disable Javascript for inactive Chrome tabs (except for whitelisted urls) - until active again?
How to move through browser tabs using gestures in Mac OSX Lion?
Is there a folder-only based music player for Linux? [closed]
How to remove distro-specific "branding" from Firefox in Linux Mint
Is there a thunderbird plugin to modify IMAP emails?
HTML5 live broadcasting
Linux: CPU core shutdown instead of sleep state
How to use verbatim strings in sed?
How to route traffic through a specific SOCKS proxy on a per-app basis?
What does the video output stream details from ffmpeg mean?
Bulk reduce image size with Paint.net
Can uTorrent auto re-order torrents (for maximum bandwidth utilization)?