• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 455
  • Last Modified:

Need IP routing help

I need some help to understand IP routing.  My service provider has given me a block of IP addresses to use.  I want to route several of my usable ip addresses through a Juniper/Netgear 5GT Router without the use of NAT to a Load balancer which will do the NAT into my production network.  I want to use the Juniper to control access and which ports are open.  Here are the details.

ISP issued addresses.  (not real)

Usable IP

I am used to configuring firewalls with the public address on one side and the private address on the other via the NAT.

How do I configure the Juniper with the given address space so the public addresses are routable to the load balancer which will do the NAT.

Internet >> Router/Firewall >> LB/NAT >> Private Net
3 Solutions
To configure the Juniper M5 router, you need to complete the following steps:
• Build a configuration file
• Log on to the router
• Upload the configuration

Construct the config file:
1. Open a text editor such as Notepad. You use a text editor to create the configuration file. Copy the sample router configuration provided in Appendix 2.2 of the internet data center documentation and paste it into the text editor window.
 2. Update the sample router configuration to reflect the particular properties of your network, such as subnet mask, IP addresses, and firewall filters. Make a copy of this file and store it in a safe place for disaster recovery.

Logging on to the Router:
Use the provided serial cable to initially configure the router. Set up a terminal session (9600, N, 1) to the console port of the router.
To log on to the router:
1. Log on as root with no password.
2.Type in the keyword cli at the prompt.
 Uploading the Router Configuration:
After you have logged on to the router, you can upload a previously created configuration

You need the Juniper to operate in bridge mode. This will cause the Juniper to just act as bridge between the Internet and the LB. All packets will just be forwarded to the LB.
You've got 2 possiblities, put the 5GT in layer 2 (transparent) mode and just filter the ports and send the data to the LB with public IP's as you said earlier.
start here for L2

or you can put the GT in L3 mode (route/nat)  and have all the public IP's assigned to the GT and when someone connects to the GT the GT sends it to a designated IP on the inside etc
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now