If you just want public IPs passed to downstream devices, then bridging two NICs will allow you to accomplish this. Otherwise you will need to set up NAT port forwards or 1:1 NAT. You assign the external IP and internal IP when creating the NAT rule.

The device only needs to be fast enough to handle the Mbps you need routed from your ISP. Having multiple IPs isn't going to affect the speed by much since the destination IP address is in the packet header. The firewall is going to check the header and determine if the packet gets passed through, blocked, or if NAT is going to be performed.

Ryan

On Mon, Oct 5, 2009 at 5:45 PM, ML <mailinglists at mailnewsrss.com> wrote:
> Hi All,
>
> So before when I used PIXes for my employer, our traffic was
> statically routed to one IP and then the firewall decided if allowed/
> denied and passed it on or dropped it.
>
> I have a Comcast business circuit with 13 IPs. The gateway device
> they provide is a 'pass through' device. They sent traffic for all 13
> IPs my way. It just allows traffic through. So if I put in a device
> to firewall (like Ipcop or Vyatta or something) in front, say it has 3
> NICs, how do I do that?
>
> If the Firewall has IP A and Traffic for IP B comes in how would IP A
> answer and decide if the traffic to IP B belonged? Without statically
> routing I am confused on how to accomplish this?
>
> How fast does this device need to be?
>
> Best,
> -Jason
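
The 1:1 NAT option from this thread on a Linux firewall, as an added example that is not part of either message: the script prints, rather than runs, the `ip` and `iptables` commands for each public-to-private mapping, including the secondary WAN address that lets the firewall answer ARP for each extra public IP. The interface name `eth0`, the /28 prefix, all addresses and the port 443 allow rule are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not run) the commands for 1:1 NAT on a Linux firewall.
# Interface, prefix, addresses and the allowed port are constructed placeholders.

# Return 0 if $1 is a dotted-quad IPv4 address with four octets in 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read "public_ip private_ip" pairs on stdin; print commands for WAN interface $1, prefix $2.
gen_one_to_one_nat() {
    wan_if=$1 prefix=$2
    while read -r pub priv rest; do
        case "$pub" in ''|'#'*) continue ;; esac
        if ! is_ipv4 "$pub" || ! is_ipv4 "$priv"; then
            echo "skipping invalid mapping: $pub $priv" >&2
            continue
        fi
        # Secondary address so the firewall answers ARP for the extra public IP.
        echo "ip addr add $pub/$prefix dev $wan_if"
        # Inbound: rewrite the destination to the internal host.
        echo "iptables -t nat -A PREROUTING -i $wan_if -d $pub -j DNAT --to-destination $priv"
        # Outbound: the internal host leaves with its own public IP.
        echo "iptables -t nat -A POSTROUTING -o $wan_if -s $priv -j SNAT --to-source $pub"
        # NAT is not an allow rule: permit only the service this host exposes (HTTPS assumed).
        echo "iptables -A FORWARD -i $wan_if -d $priv -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT"
    done
}

# Constructed mappings using documentation address ranges; the last one is invalid on purpose.
MAPPINGS='203.0.113.2 192.168.10.2
203.0.113.3 192.168.10.3
203.0.113.999 192.168.10.4'
printf '%s\n' "$MAPPINGS" | gen_one_to_one_nat eth0 28
```

Pair the printed rules with a default-drop policy on the FORWARD chain so that only the explicitly accepted ports reach the internal hosts.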