The default configuration of Peplink WAN interfaces makes use of NAT. IP forwarding mode disables NAT on interface for standard routing.
Reasons to use IP forwarding:
Keep existing topology, subnets, and routing when replacing router in existing network. As opposed to Drop-In mode where router is added to existing network in between devices.
Save work of one-to-one NAT mapping. Use those IPs on the LAN directly.
You sure can, the IP Forwarding only applies to a specific WAN connection. If the traffic goes out a different WAN interface then a NAT would be applied. You can’t have IP Forwarding enabled on more than one WAN interface.
The Balance router will route traffic based on your outbound policy/rules.
The documentation for this feature is a bit lacking. We have a Balance 305 with around 300 devices behind it on multiple VLANs. We have 2 WAN ports. One has a single static IP and the other has a /24 of public assigned to us (WAN 1).
What am really need to accomplish is to pass through public IP space from the /24 to one of the VLANs and NAT the rest of them. Some of the VLANs are designed for internal use only (no access from the Internet but they do access out to the Internet).
We have done 1:1 NAT mapping but it does not work well with VOIP and VPNs. So, ideally, I use IP Forward and assign real public static IPs to certain MAC addresses behind the Peplink. I have tried setting this up on a test router but can not make it work. Perhaps it is not possible to do what I am after. When I change a WAN port to IP Forwarding from NAT, I don’t see any other settings become available to me. What do I do next? Is there a set of examples for this feature?
@AUWireless Ip forwarding is not the right approach for your public IP range.
IP forwarding is a Layer 3 routing function so when using it you need to have different subnets on the WAN and LAN.
My first question would be why have the Balance in line at all? Just connect the providers router with the /24 range to an access port on a switch and trunk that directly to the VLAN with the devices you want to allocate IPs from that range to.
You could always then plug the balance WAN into that switch and assign it one of the IPs for load balancing / resilience.
Well, the public /24 is on my LAN side. WAN is a /30. So, if I do your idea of going directly to a vlan on a switch, there is no gateway for the clients that use an IP from the /24.
I want to get away from 1:1 NAT and the double NAT scenario we currently have.