Its at little weird that they would give you IP's that weren't in the same range as your WAN connection and not a whole subnet. All you have to do is create static 1 to 1 NAT translations. I really can't give you specifics, as you didn't provide any, but in a 1 to 1 NAT you configure your router to always translate a particular public IP to a particular private one, and vice versa. The ISP is providing the routing to the public address of the server, so that wouldn't be a concern. So to answer your questions directly:



1) Your servers will be privately addressed. This can be on the same subnet as all your other devices, but I'd recommend putting them on a separate network (different VLAN). This way your can apply separate security policies to that network easily (among other things). The servers will need to have static addresses. On the perimeter router you will set your NAT policies to map a single server's private address to a single public IP. Router configurations are different, so you might need two policies for each server, one mapping the private IP to a public IP for outbound traffic and another the public IP to the private IP for inbound traffic. Some routers will only require one command to do both directions, read the manual for your router.



2)This method will not be using the IP addresses in an actual network, so no subnet or gateway information will be set. If your ISP isn't giving a whole subnet then they must be handling the routing so the NAT is all you have to do.



Hope this helps.

I suggest making use of http://www.vpnmaster.org to unblock web sites. I am using their services for more than 2 years without having difficulties.

My spouse and i highly recommend making use of VPNPower to be able to unblock web-sites. I have been using them since four years. http://www.vpnpower.net