Understanding how our ISP's directs/routes a 2nd block of IP addresses at our firewall

Posted on 2014-08-12
Last Modified: 2014-08-13
I recently helped a consultant change out our firewall. We recently moved to a Dell Sonicwall NSA2600.  One of the steps in putting the new firewall in place was configuring the WAN interface the same way it was on the old firewall WAN interface, no surprise there.  With the exceptions of altering some access rules on the new appliance we aren't really have any issues so all is good there.  What I did come to realize is that we have two separate blocks of public IP address or better I should say two blocks of non-contiguous Public IP's.  I'm somewhat new to my company and never game detail attention to all the public IP's so I figured I would use this IP Range finder  and discovered there where two blocks -

My question is in that we have the first block that we had assigned to us configured on the WAN interface however nowhere in the firewalls did we have configuration for the 2nd block however it works. Those IP's are used in our Firewall rules and traffic gets into the services we allowed via access rules.    I called the ISP and tried to get some more information on how it works but the tech could tell me that when he logs in our (ISP provided) router/modem he can see the blocks of IP's.   So it's obvious that the ISP is doing something on their end to route traffic to those IP's on their end.  I'm just amazed that we didn't have to specify that 2nd block of public IP's on the existing or another WAN interface on the SonicWall.  Does anyone know how this is working? also what the ISP is doing to direct traffic to those IP's?    I'm sure many people have the same scenario, I'm just looking for a fair understanding because right now I have not clue how to remotely explain how this works.

Thanks EE community!
Question by:sugadmin
    1 Comment
    LVL 20

    Accepted Solution

    This is done in the ISP gateway, routing both ranges of addresses to the one you have configured.

    Typically the ISP would do this for you.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
    Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now