troubleshooting Question

Configure ZyWALL Firewall/Router to work with Cox CIDR and WAN IP

Avatar of Lloyd Charlier
Lloyd CharlierFlag for United States of America asked on
RoutersHardware FirewallsNetwork Architecture
12 Comments1 Solution627 ViewsLast Modified:
I have a small business network (~20 workstations and a few dozen VM-based servers) that is served by Cox Business.  All machines on our LAN have private IP addresses (192.168.1.xx) although some have a 1:1 NAT mapping to static public IPs.  Historically, we have paid Cox to provide us with a small number (~10) static IPs and configuring the network was a no-brainer.  Having now moved to a new office however, Cox initially provided us with five (5) static IPs but has now informed us that they are taking away four (4) of the five (5) static IPs and replacing them with a CIDR block (in an entirely different subnet).  I have read postings from others (both here on EE and elsewhere) who, like me , were confused as to how to configure their hardware to work with CIDR but their specific cases were slightly different than mine and they used different hardware).  While I am happy that Cox has assigned me what appears to be a much larger pool of usable public addresses (29), I am unsure how to take advantage of them!

My particulars are as follows (IPs changed slightly from actuals):

Router/Firewall: ZyXEL ZyWALL 110 (part of the ZyWALL 100/200/300 family)
WAN Address: 28.175.185.216
WAN Network Mask: 255.255.255.240
WAN Gateway: 28.175.185.209
DNS1: 68.105.28.16
DNS2: 68.105.29.16

Customer Network: 174.80.25.128/27
Suggested Default Gateway: 174.80.25.129
Customer Netmask: 255.255.255.224
Usable CIDR IPs: 174.80.25.130 - 174.80.25.158
Broadcast IP: 174.80.25.159

I would like to keep all of my machines on the same private network and, where necessary, provide either 1:1 NATing or port mapping as needed.

Can someone please:

1.


Explain the difference between my old approach (with dedicated static IPs, all in the same subnet) and the new CIDR approach with a block of IPs (in a different subnet from the assigned WAN IP).

2.


Educate me on how best to configure my specific firewall/router to work with this new approach.

Thanks in advance for any-and-all assistance!
ASKER CERTIFIED SOLUTION
nociSoftware Engineer
Join our community to see this answer!
Unlock 1 Answer and 12 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 12 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros