Solved

Router Config Draytek 2820 - External IP address

Posted on 2010-11-16
5
3,507 Views
Last Modified: 2012-05-10
Hi all, I've got a Draytek 2820 with an ADSL2+ line with a static IP Address.
All works fine and well.

However, what I'd like to do is

1. Get another external IP address, namely IP address A and IP address B
2. Configure one internal machine to have the external IP address A. Meaning that in the network settings of the windows 2008 server (which I intend to make it), it will be an external IP and not an internal IP and NAT-ed by the router.
3. The local LAN (not including the external faced machine mentioned in no.2) will be NAT-ed for internet access.

Can you advise if I'm on the right track as per the diagram I cooked up. As well as what Draytek model or what generic advice you can provide.

Thanks a million!

 Proposed Network Diagram
0
Comment
Question by:binele
5 Comments
 
LVL 2

Expert Comment

by:cocospm
ID: 34154046
The 2820 has a multi-NAT feature which you can use, as explained here: Using MultiNAT.

But I have to ask - why you are trying to do this?? SBS 2008 has very good remote access facilities, and none of these require multiple public IP addresses. Also, the way you have illustrated your intended setup, you have the LAN workstations on a separate subnet from the SBS 2008 (which won't work), connected via a second router.
0
 
LVL 5

Expert Comment

by:q2q
ID: 34156596
Yes a good way would be to follow the above guide. I also agree with cocospm. You would be far better using port forward on the services you require to have public access on the 2008 server.

If its becuse you want to isolate the server totally you would be better having the draytek 3300V+ as this has true DMZ
http://www.draytek.co.uk/products/vigor3300vplus.html

If you wanted to do this you would need a simple adsl modem ( you could use your current router - set it up using the second lan range, just put in your public address) to sit in front of the 3300v.
SEtup the 2008 server in the dmz and your regualr clients behind the lan ports of the 3300v.
0
 

Author Comment

by:binele
ID: 34157405
Hi, we intend to install 3cx SIP server on the windows 2008 server. Even though it works behind a firewall with port forwarding etc, there is still an issue with remote hard phones (outside the current network). To avoid any problems with firewalls issues, compatibility and all, we've tested with an internet based server as a test. Now the challenge is to get the current infrastructure we've got (which is an internal server) to act as an internet facing server directly.

The multiNAT feature will not work in what I'm trying to achieve as it still is "PORT FORWARDING" to the designated server.

I understand from Draytek support that you can use the IP ROUTING Feature under the LAN settings. Not sure if this will work as I haven't tried it yet... I didn't think they understood my requirements though....

Any thoughts?
0
 
LVL 5

Accepted Solution

by:
q2q earned 450 total points
ID: 34162211
yes I have used the IP routing feature before, it works by setting up a second ip range in the lan setting (it is labeled as routing purposes). I normally put the newly allocated ip range in the range complete with subnet. Then anything attached to the router configured with a public wan ip from the 2nd range works as if directly hooked up.
IF you want to do it this wasy you are limited to one ip range (doesnt matter how big) so it may be worth getting a reasnable range in case you ever want to expand.
So to clarify as an example

fixed ip WAN of adsl would be (WAN > Internet access > WAN1 ) unchanged
your current public ip range
In the IP alias section ass the 1st public address from your allocated range eg 80.80.80.1
your lan setttings (LAN > GENERAL SETUP, 1st IP addrss) would be unchanged
your lan setttings (LAN > GENERAL SETUP, 2nd IP address) would be set to
ip address - 80.80.80.0
mask 255.255.255.248
set RIP to protocol control to 2nd subnet



This is an example of a small block of 8
You would then setup the network card on you 2008 server to use 80.80.80.2 with the same subnet and a gateway of 80.80.80.1 (the alias ip given to the router)

Hope this makes sense.



0
 
LVL 4

Assisted Solution

by:Ravenbridge
Ravenbridge earned 50 total points
ID: 34172277
Hi

Further to q2q's excelent explanation, I can confirm that the solution will work, but you must also ensure that you haven't added the public ip addresses to the NAT pool.

Go to Wan - Internet Access - Wan1 - PPPoA / PPPoE click on WAN IP Alias and make sure that your block of public IP addresses are not listed
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now