I am looking for Brand X that sells a simple router. I
only need a WAN port and a LAN port but I would take a 4
port. I do not want or need NAT or DHCP or any firewall
rules.
Does anybody know of a reasonably priced product that can
do this? All I want is the following:
WAN IP: 10.200.59.1
LAN IP: 10.200.8.1
Client1: 10.200.8.5
Client2: 100.200.8.6
If 10.200.8.6 makes an HTTP request that passes through
the router I don't want 10.200.8.6 to be NAT'd. I need
it intact as it will go through a firewall with rules set
up per client IP address.
FOR EXAMPLE:
Client2 (makes HTTP) 10.200.8.6 --->--- (10.200.8.1) ROUTER (10.200.59.1) --->--- (still intact) 10.200.8.6 ---> FIREWALL
No, ALL CLIENTS should not be NAT'd. I just used one as an example. It is hard to explain, but think of my network as being contained by larger networks. The entire system is all IP based, on a per-client basis. No NAT takes place on any firewall except the public one going out to the net at the far end, i.e.:
Client1 -> Fire1(!NAT) -> Fire2(!NAT) -> Fire3(!Nat) -> Fire4 (NAT'd) -> WORLD WIDE WEB
Fire1, Fire2, Fire3 all have client-based rules, so the IP address of the client must pass through all 3 firewalls without being NAT'd. Problem is, my firewall wants to NAT them if I have different Public/Private IPs. If I have the same IPs Public/Private then I can disable NAT. Therefore I need a router on the outside of my firewall to translate for 10.200.8.X to 10.200.59.X.
Any old router should do. Look for reviews. I imagine it's as simple as forwarding incoming packets for 10.200.8.x out of the 10.200.59.x port. If you plan the use of a multi port one make sure it has a switch inside rather than a hub.
Personally I'd get something which can adapt to as many ideas as you might throw at it in its lifetime.
You can set a firewall rule on said router (assuming the router has one).
For example, on a Cisco router, you would attach the following rules to the 10.200.59.x port:
! extended IP ACLs use numbers 100-199; "any" is the keyword for any source
access-list 101 permit tcp any 10.200.8.0 0.0.0.255
access-list 101 permit udp any 10.200.8.0 0.0.0.255
This will allow both TCP and UDP packets trying to access anything with the IP 10.200.8.x, regardless of origin or logical port number. These rules are actually a bit dangerous, because you're allowing anything to the 10.200.8.x network, but packets to any other networks would be dropped.
You could precede these rules with:
access-list 101 deny tcp any any eq 23
which would block all telnet access
access-list 101 deny tcp any any eq 139
which would block all NetBIOS packets.
The trick is to put the filtering on the outgoing physical ports, as opposed to the incoming. You may want to put "block all x" on the incoming physical port, as all your outgoing physical ports would be protected there, but the actual sorting and filtering works best by placing the rules on the applicable physical port.
Just to specify: physical port = Ethernet, logical port = FTP, Telnet, HTTP, etc.
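Putting the two replies above together (a plain router that just forwards 10.200.8.x out of the 10.200.59.x port, plus the Cisco ACL idea), here is a complete IOS configuration for the box the original poster describes. It is an added example written for this page, not a config from anyone in the thread; the interface names, the hostname and the address 10.200.59.254 for the Fire1 side of the WAN segment are assumptions. The point it makes that the thread does not spell out is that "no NAT" is the default on IOS: as long as no `ip nat inside`/`ip nat outside`/`ip nat inside source` lines exist, a 10.200.8.6 source leaves the WAN port as 10.200.8.6, and all the ACL does is filter.

```cisco
! Added example (not from the thread): plain IOS router between
! 10.200.8.0/24 (clients) and 10.200.59.0/24 (Fire1), no NAT.
! Interface names, hostname and 10.200.59.254 (Fire1) are assumptions.
hostname edge-router
!
no ip domain-lookup
!
! There are deliberately no "ip nat inside", "ip nat outside" or
! "ip nat inside source" statements anywhere: the client source
! address is forwarded untouched.
!
interface FastEthernet0/0
 description LAN side, default gateway for the clients
 ip address 10.200.8.1 255.255.255.0
 no shutdown
!
interface FastEthernet0/1
 description WAN side, faces Fire1
 ip address 10.200.59.1 255.255.255.0
 ip access-group 101 out
 no shutdown
!
! Anything not on a connected network goes to Fire1.
ip route 0.0.0.0 0.0.0.0 10.200.59.254
!
! One extended ACL, applied outbound on the WAN port (the "outgoing
! physical port" of the third reply). Order matters: the denies come
! first, then only genuine client sources are permitted, so a host
! with a mistaken or spoofed address cannot leak toward Fire1.
access-list 101 remark --- filtering toward Fire1 ---
access-list 101 deny   tcp any any eq 23
access-list 101 deny   tcp any any eq 139
access-list 101 permit tcp  10.200.8.0 0.0.0.255 any
access-list 101 permit udp  10.200.8.0 0.0.0.255 any
access-list 101 permit icmp 10.200.8.0 0.0.0.255 any
! everything else hits the implicit "deny ip any any"
!
! Checks from exec mode:
!   show ip nat translations   -> prints nothing (no NAT configured)
!   show ip route              -> 10.200.8.0/24 connected, default via 10.200.59.254
!   show access-lists 101      -> hit counters on the permit lines while a client browses
```

Two caveats a practitioner would want with this. First, because the source address is not translated, Fire1 (and every hop behind it that the untranslated address reaches) must have a return route for 10.200.8.0/24 pointing back at 10.200.59.1, otherwise the client's packets arrive fine but the replies are dropped; that route on the firewall is what the translation step in the original post was standing in for. Second, the ACL above is the reverse of the one in the third reply on purpose: filtering on the client *source* network outbound is what enforces the per-client model, whereas permitting "any source to 10.200.8.x" on the WAN port's outbound direction would never match a client's traffic leaving toward Fire1 at all.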