I am not sure if this is possible and would be grateful for the advice.  I want to avoid using VPNs as the resources are not super sensitive.

I have an Ubuntu box with multiple interfaces including pppoe adsl2 and I am going to use it as a firewall.

I have 8 servers with private IPs that I need access to and I have 9 public IPs (one IP is firewall external interface).

I would like fwknop to give me access to the servers (and also to control ssh access to the firewall).

The servers will mostly have ssh and https but there is also rdp and esxi mgmt ports on some.  I am happy with the security implications of extending the rule duration to make http work better.

So can fwknop handle creating the 8 DNATs and corresponding 8 SNATs so each server can be accessed 1:1 with the public IPs?

Any tips, tricks or advice would be much appreciated.

Thanks for looking.