• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 452
  • Last Modified:

Need IP routing help

I need some help to understand IP routing.  My service provider has given me a block of IP addresses to use.  I want to route several of my usable ip addresses through a Juniper/Netgear 5GT Router without the use of NAT to a Load balancer which will do the NAT into my production network.  I want to use the Juniper to control access and which ports are open.  Here are the details.

ISP issued addresses.  (not real)

Usable IP

I am used to configuring firewalls with the public address on one side and the private address on the other via the NAT.

How do I configure the Juniper with the given address space so the public addresses are routable to the load balancer which will do the NAT.

Internet >> Router/Firewall >> LB/NAT >> Private Net
3 Solutions
To configure the Juniper M5 router, you need to complete the following steps:
• Build a configuration file
• Log on to the router
• Upload the configuration

Construct the config file:
1. Open a text editor such as Notepad. You use a text editor to create the configuration file. Copy the sample router configuration provided in Appendix 2.2 of the internet data center documentation and paste it into the text editor window.
 2. Update the sample router configuration to reflect the particular properties of your network, such as subnet mask, IP addresses, and firewall filters. Make a copy of this file and store it in a safe place for disaster recovery.

Logging on to the Router:
Use the provided serial cable to initially configure the router. Set up a terminal session (9600, N, 1) to the console port of the router.
To log on to the router:
1. Log on as root with no password.
2.Type in the keyword cli at the prompt.
 Uploading the Router Configuration:
After you have logged on to the router, you can upload a previously created configuration

You need the Juniper to operate in bridge mode. This will cause the Juniper to just act as bridge between the Internet and the LB. All packets will just be forwarded to the LB.
You've got 2 possiblities, put the 5GT in layer 2 (transparent) mode and just filter the ports and send the data to the LB with public IP's as you said earlier.
start here for L2

or you can put the GT in L3 mode (route/nat)  and have all the public IP's assigned to the GT and when someone connects to the GT the GT sends it to a designated IP on the inside etc

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Tackle projects and never again get stuck behind a technical roadblock.
Join Now