Low price routers that will let me use multiple static IPs

I've been assigned 5 static IPs from my ISP. Apparently my router can't take advantage of this (D-LINK DIR 615) and I need something that can.

Anyone here have any suggestions on a reasonably priced router? I don't need anything fancy, I just want to be able to assign vmware slices their own static IP addresses.

I was going to buy another NIC and run a wire to a switch in front of the router to connect directly to the cable modem but I'm not sure if that's a good idea.

Any thoughts?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Zerox HoopLinux AdminCommented:
Well, a router that handles IP addresses and low cost don't go together.  I have never seen a cheap SOHO router that has the capability.

You could probably setup a machine as a gateway and accomplish this, I haven't really researched this option.

You might also be able to use the switch outside the router, and connect a second NIC in the server machine to the router to allow access and updates.

For help check that link.
If my understanding is correct, you are planning to use the static IP's for internal VMWARE hosted servers. You could use the static NAT feature , which would do a one to one mapping for servers residing inside. A used Cisco 2611 XM/1751 would solve your purpose.
Andrew DavisManagerCommented:
maybe i am reading this wrong but i thought when an isp gives you multiple static ip's they give you a gateway ip that is what your router gets as its external the 5 other IP's are for use internal and would require that your servers have two nic's (1 internal, and 1 external) then all the router does is manage these similar to a multiple DMZ.

Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

mcaincAuthor Commented:
My current router will only allow me to assign a single static ip to it. I went ahead and installed another NIC in this machine and put a switch before the router but now I'm stumped at how to approach this correctly.

Basically, I want my primary OS to utilize the network through the router so that it isn't directly accessible to the internet.

Now that I have installed the second NIC, I'm able to assign it an IP directly from the modem since there is no router in front of it. So now essentailly I have both internal and external connectivity on this main OS (NIC1 to router->internet and NIC2 to internet).

What I'm confused about is, how can I make sure that my OS only uses NIC1 for internet connectivity and that applications like my local development environment (apache/mysql) aren't accessible to the public through NIC2?

I hope that makes sense... this has me pretty confused!
Fred MarshallPrincipalCommented:
Here is what I'm doing with no "router" involved exactly.  That is, there is no router between the public addressed devices and the "internet" .. as there should not be anyway, right?

There is a router which provides the interface to the ISP.  The outside or WAN address is in a subnet used by the ISP.  The IP block assigned to us by the ISP "lives" on the inside / LAN side of the router.  The router LAN side takes up one of the block of addresses.  In other sites this role is taken by an ADSL modem.

Anyway, these inside ports router or modem are connected to a simple switch (well, in our case a managed switch).  Then each of the public addressed devices also plug into the switch.  They are each assigned their respective public IP addresses manually.

There is no firewall in between.  So, each device with a public address has to deal with its own firewall issues.  Some are VPN devices, one is an internet gateway/firewall, etc.
mcaincAuthor Commented:
Yeah, I just didn't want my main OS to be publicly accessible but I needed a way to be able to assign IPs to the vmware workstation slices on the same machine.

It looks like I can't do this with the router I have so I figured I'll install a second NIC to get on the public subnet.

But now that this second NIC is on a public subnet, that essentially removes the protection of the router and opens this machine up to the outside?

I'm just paranoid and don't like the idea of having my main machine accessible to the public but I suppose with a proper firewall in place everything should be fine.
Andrew DavisManagerCommented:
This doesnt make sence. EVERY device on the internet are behind routers. You may be passing through all traffic or ports but it is still behind a router.

Why cant you do as Fmarshal is suggesting. even though it gets confusing with 'I'm doing with no "router" involved '  then next para 'There is a router which provides the interface' so there is a router.

it is just simple portforwarding or routing tables for the internal IP's which are publically addressable IP's

Fred MarshallPrincipalCommented:
I guess you could say there's a bit of a conflict in your requirements.

You don't want NAT between the publicly-addressed devices and the one true internet gateway device.  That's because your valuable public addresses would then be masked if it's even possible with your particular equipment.

But, I can imagine a firewall between the true internet gateway device and the other publicly-addressed devices.  Sounds like a DMZ sort of connection to me.  So perhaps the question is:  "Can I set up a DMZ for multiple publicly-addressed devices?"

This then raises the question:  What are the rules for the "public firewall" .. the thing that sits between your publicly-addressed devices and the public internet?

One configuration that's cited is with a DMZ Firewall, followed by the publicly-addressed devices including the site firewall.  In a case like this you could have 2 NICs with one on the main LAN and one in the DMZ zone.  The problem of course is that you are bypassing the main firewall at one of the NICs.    So, how do you isolate that NIC from the rest of your system?

I think this is why folks generally have different devices in different zones.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
There are internet modems that come with several ehternet ports (i.e. Motorola Netopia) and
routers with several ehternet pots as well (i.e. SonicWall NSA-240 @ $ 1,000.00).
The NSA-240 has 8 ehternet ports (X1 - X8) that can be defined with public IP addresses. Within the SonicWall router you would have to specify a direction, whatever comes in through the public IP defined in X1 send to X computer on the inside private network, traffic on X2 send to Y computer, etc.
mcaincAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.