• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 348
  • Last Modified:

External IP Range split between to interfaces or devices

Hello,

I currently have a usual internet setup, with a block of external ip address on the internet connection and then my watchguard nats various external ip addresses to internal resources eg webserver, exchange server etc.

I now have the requirement that i need to have a mitel teleworker server on an external IP address that is not nated.  It has to be actually on the internet.

Can you give me any advice the best way to do so.  I thought about breaking the internet connection between the internet router and the watchguard firewall puting a switch inbetween and give the teleworker an ip address in that external range, and the default gateway would be the internet router?

thanks

Phil
0
philipfarnes
Asked:
philipfarnes
  • 2
1 Solution
 
dpk_walCommented:
That is a possible solution to put the teleworker server directly on the internet with no firewall protection; another solution which can be implemented is to configure FB in drop-in mode and then put teleworker server behind it.
With FB in drop-in mode all interfaces of FB would have one single IP address and FB would not do NAT for any network. For existing network for which FB does NAT, we would add secondary network with specific IP subnet on the specific interfaces, and FB would do NAT for secondary networks.
We can now have teleworker server behind WG with a public IP [please ensure that this IP is not used by any 1-1 NAT settings or aliases in WG configuration] and have complete firewall protection for teleworker server.
If needed we can open ANY server from specific external IP to teleworker server, so there would be no NAT and so to say no firewall between the configured addresses.

Please let know if you need more details.

Thank you.
0
 
philipfarnesAuthor Commented:
We ended up using drop-in mode


thanks

0
 
dpk_walCommented:
Putting the FB in drop-in mode was given as solution in the only post to this question; comment # 23619027.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now