e-matters
asked on
Router configuration for multiple ISP assigned IP addresses
Hi,
We have block of five IP addresses assigned to us from our ISP. They were routed through an ADSL connection to a Zyxel P-660 router, and we used three of them directly on the second NICs of three servers. The Zyxel quite happily allowed all ports to be directly accessed on these three servers from outside.
Unfortunately this router has died and is "end of line", and we have now been provided with a Linksys X3500 as an alternative by our ISP. I have disabled NAT and turned off the firewall. The servers can all access the internet outbound but no inbound connections are being received from outside.
Anyone got any ideas what the problem might be?
Thanks,
Jim.
We have block of five IP addresses assigned to us from our ISP. They were routed through an ADSL connection to a Zyxel P-660 router, and we used three of them directly on the second NICs of three servers. The Zyxel quite happily allowed all ports to be directly accessed on these three servers from outside.
Unfortunately this router has died and is "end of line", and we have now been provided with a Linksys X3500 as an alternative by our ISP. I have disabled NAT and turned off the firewall. The servers can all access the internet outbound but no inbound connections are being received from outside.
Anyone got any ideas what the problem might be?
Thanks,
Jim.
ASKER
Hi Matt,
Linksys is both modem and router. There is nothing between the servers and the Linksys. The servers have two NICs - one has one of the ISPs assigned IPs, the other has a 10.0.97.x IP address.
All worked great with the Zyxel.
Jim.
Linksys is both modem and router. There is nothing between the servers and the Linksys. The servers have two NICs - one has one of the ISPs assigned IPs, the other has a 10.0.97.x IP address.
All worked great with the Zyxel.
Jim.
So am I understanding correctly when you say that the ADSL is connecting directly into the Linksys device?
I'm thinking that you need a router that will allow you to NAT those routable IP's across your network to the server you're trying to allow them to access.
If the device you have can NAT out the routable to non-routable address, than great. If not, I'd look at http://www.bhphotovideo.com/bnh/controller/home?O=&sku=827006&gclid=CjwKEAiAhIejBRCKm_fTxIWyyXcSJABXY0XYkfewqsZ4pMYhTiSMzhRER-mJLUxaF486y7ks6r2gPhoC4cDw_wcB&Q=&is=REG&A=details or something comparable.
Good Luck
I'm thinking that you need a router that will allow you to NAT those routable IP's across your network to the server you're trying to allow them to access.
If the device you have can NAT out the routable to non-routable address, than great. If not, I'd look at http://www.bhphotovideo.com/bnh/controller/home?O=&sku=827006&gclid=CjwKEAiAhIejBRCKm_fTxIWyyXcSJABXY0XYkfewqsZ4pMYhTiSMzhRER-mJLUxaF486y7ks6r2gPhoC4cDw_wcB&Q=&is=REG&A=details or something comparable.
Good Luck
If I'm understanding this you were using IP Alias on the Zyxel box? IIRC you can assign multiple IP ranges to the LAN so you will have had your block of 5 addresses routed via the WAN port. With the Linksys box I think you'd be stuck to using the block on the WAN port and being forced to use NAT.
The way that some ISPs provide blocks of IPs on DSL circuits is a bit funny. For example some providers will dynamically assign the block to your router via PPP but others will route to it via a dynamic IP assigned to your router when it establishes a PPP connection. If you have the latter you're fine, but it sounds like you don't.
The way that some ISPs provide blocks of IPs on DSL circuits is a bit funny. For example some providers will dynamically assign the block to your router via PPP but others will route to it via a dynamic IP assigned to your router when it establishes a PPP connection. If you have the latter you're fine, but it sounds like you don't.
ASKER
Hi, thanks for the comments.
I have bought a replacement Zyxel but it will take a couple of days to get here.
The Linksys has the option to Disable NAT which is allowing all of the servers to get outbound connections. What I don't get is why I cannot access any of the ports coming in the way. If I can get out, then if the Linksys gets a packet for one of the ISP IPs on the inside of the network then why doesn't it go "there you go" and pass it over, regardless of port? As I can connect from the internal servers to the outside world through the Linksys then packets are definitely going back and forth successfully.
I have bought a replacement Zyxel but it will take a couple of days to get here.
The Linksys has the option to Disable NAT which is allowing all of the servers to get outbound connections. What I don't get is why I cannot access any of the ports coming in the way. If I can get out, then if the Linksys gets a packet for one of the ISP IPs on the inside of the network then why doesn't it go "there you go" and pass it over, regardless of port? As I can connect from the internal servers to the outside world through the Linksys then packets are definitely going back and forth successfully.
Ah...
That just sounds like you have a SPI firewall enabled on the router then. If you have just disable it and try again.
That just sounds like you have a SPI firewall enabled on the router then. If you have just disable it and try again.
ASKER
Hi, SPI firewall is an option, but already disabled.
I would contact Linksys for support on this issue, if that's possible for you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Unfortunately we couldn't get the Linksys router to work for us, but the replacement Zyxel has arrived, which we know will work.
How do you have the DMZ settings configured?