We have recently bought a Cisco 1711 router. Until now, I've been using a Linux based firewall. Our ISP provides us with a fixed DSL address and an extra range of six usable IP addresses (a .248 subnet) that are not contiguous to the DSL address, and are not routed through it. The DSL interface only gets 1 IP address. On the Linux firewall, I am using a setup that has all the .248 servers in a DMZ and I use proxyarp to bring this addresses forward so they appear to be on the same net as the DSL interface. Is it possible to create a similar configuration on the 1711, for example putting all the .248 servers in a vlan and using proxyarp to make this addresses appear to be on the WAN side of the router? While testing, I've noticed that as soon as I enable proxyarp I get "Duplicate IP address" message on the DMZ computer. Is there an alternate configuration that will allow access to this servers from the WAN side. All of this servers have legal IP addresses so there is no need for port forwarding or nat. Please answer to the newsgroup.
Thanks in advance.