How to Configure Router for Metro Ethernet - which router to choose ?

Posted on 2014-11-20
Last Modified: 2014-11-20
I am not a router expert!    So, I am running a simple business network:  35 PC's including 2 servers behind a Juniper NS5GT "router/firewall" - using NAT (internally everyone is 192.168.0.x).    Email is routed through the firewall to the exchange server.   Majority of usage is outbound web browsing.

So, we have ordered and had installed a new 10MB Metro Ethernet fiber link from Comcast.   This fiber link will also be handling the phones - but that is not my concern at this time.

Here's the problem:   Comcast is giving me a WAN block of IP addresses as well as a LAN block of IP addresses.
WAN Block:  50.207.18/212/30  (GW is the .213, IP is .214)
LAN Block:      Usable: .241 thru .246

So...    Can I use the Juniper NS5GT ?     How can I configure it to do the job?   I thought at first that I could just ignore the LAN Block and assign the Juniper the address with gateway   In fact, I tried that with a Cisco RV120W (spare available to me to test at the time) and it seemed to work.   However, Comcast is telling me that this is not a valid configuration.   Thoughts?

If the Juniper 5GT will not work, which router would you recommend for this very simple configuration?
Question by:ponedog
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 95

Expert Comment

by:John Hurst
ID: 40455127
I use Juniper NS5GT and later SSG5 at clients. The configuration you have for one IP and gateway should be valid. For the IP, I would just use a single IP and not a range. Perhaps that is what Comcast is referring to .

Author Comment

ID: 40455165
John Hurst:   Are you on a Metro Ethernet link as well (with both a WAN block and a LAN block)?
LVL 95

Expert Comment

by:John Hurst
ID: 40455172
No. I am in a different country in North America and the local ISP's are not Metro Ethernet.

However my clients have a block of several IP addresses and I just use one.
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.


Author Comment

ID: 40455258
John Hurst:  thanks for your comments.   However, the key problem here is that the WAN Block and the LAN Block are 2 different disjoint block of addresses.  I am not sure how to tell the Juniper how to handle this situation...
LVL 95

Accepted Solution

John Hurst earned 500 total points
ID: 40455265
Juniper NS needs one IP from the WAN Block  the same as you had before Metro. Same settings except use

The LAN block is of course different. That is the internal setup 192.168.0.x as before. In theory, nothing here changes.

The only change is the hookup to the WAN.

Author Comment

ID: 40455340
John Hurst:   I just talked to a support engineer at Comcast.   Given our needs, he said that we can just ignore the LAN IP block (hmmm....   I think that is exactly what you said!).      I am closing the case and awarding the points to you - thanks a million !!
LVL 95

Expert Comment

by:John Hurst
ID: 40455483
@ponedog  - Thanks for the update and I was happy to help.

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

689 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question