I am trying to use this Guide to enable multiple IPs on TomatoUSB. Our Firewall rules need to NAT and allow a 1to1 to two servers.
/usr/sbin/ip addr add 208.x.x.133/30 dev vlan1
/usr/sbin/ip addr add 208.x.x.132/30 dev vlan1
/usr/sbin/iptables -t nat -I PREROUTING -d 208.x.x.133 -j DNAT --to-destination 192.168.7.100
/usr/sbin/iptables -t nat -I PREROUTING -d 208.x.x.132 -j DNAT --to-destination 192.168.7.130
/usr/sbin/iptables -I FORWARD -p tcp -d 192.168.7.130 --dport 25 -j ACCEPT
/usr/sbin/iptables -I FORWARD -p tcp -d 192.168.7.101 --dport 80 -j ACCEPT
/usr/sbin/iptables -t nat -I POSTROUTING 1 -p all -s 192.168.7.130 -j SNAT --to 208.x.x.132
/usr/sbin/iptables -t nat -I POSTROUTING 1 -p all -s 192.168.7.101 -j SNAT --to 208.x.x.133
I used the guide to write these but the router only forwards 1 IP , is what I did wrong or s the guide wrong? Can you point out what is wrong by chance?
Enter these rules in the "Firewall" tab under "Administration". Works for me.
It's been a few years since I have done something with two IPs on the same subnet, on the same interface, but it was not easy. I can't remember the exact commands, but just adding another IP address will not work.
That said, why are you trying to make this extra complex? Plug a switch into the Modem/DSL box and give both your servers an external IP address. Then install a good firewall on each server.