Changing NAT IP and DHCP best practices?

Question

Level 1

4 points

Changing NAT IP and DHCP best practices?

OK. Office currently has a Firewall hardware device that's and it's using a certain internal IP range from it's NAT. We're looking at a newer Firewall appliance box and it serves a different set/range of IP's out from it's NAT. What's involved in changing/updating an existing OS X Snow Leopard to use this new internal IP behind the NAT without causing issues with the setup?

Second part... since the Firewall appliance box can also dish out DHCP - when is it better to have the OS X Snow Leopard server handle the DCHP for the internal network?
Is it only when used as Gateway server? - Lewis

Mac Mini Server, Mac OS X (10.6.2)

Posted on Mar 24, 2010 12:38 PM

Reply

Answer 1

MrHoffman

Level 10

149,579 points

Mar 24, 2010 1:49 PM in response to LewisO

I've yet to encounter a firewall that can't have the specific pool of IP addresses (served up for DHCP or for VPNs) (re)configured.

As with various other tasks involving IP, there's no single best way to do this. On a couple of networks I run, I have several devices serving up IP addresses (with the IP address pools coordinated) in parallel. On others, I have one DHCP device and one pool.

As for Mac OS X Server DHCP server, you can manage that with Server Admin. And no, you don't need to be running as a gateway to use the DHCP server.

You may end up coordinating two IP address pools: one for VPN users allocated from the firewall, and one from the firewall or from another DHCP server running on your LAN. (Unless your firewall can relay DHCP requests; some have that, and that can sometimes be useful.)

Again, there's no single best way to do this.

Reply