Comcast Fiber with Sophos UTM
I have a Sophos SG230 UTM device that I am wanting to use with Comcast FIber, my question is how to configure the WAN nic for use?
Here is what CC gave me:
Assign to your Layer 3 device:
P2P IP: 50.*.*.128/29
Gateway: 50.*.*.129
Customer Layer 50.*.*.130-50.*.*.134
P2P Subnet: 255.255.255.248
Customer’s Usables:
Customer Allocation: 50.*.*.0/27
Customer Useable IPs: 50.*.*.1 - 50.*.*.30
Customer Allocation Subnet: 255.255.255.224
Usable IPV6 Block – N/A
DNS Servers:
Primary: 75.75.75.75 Secondary: 75.75.76.76
So for the WAN address, would i assign the 50.*.*.130 with the 50.*.*.129 as the GW and then use the customer usables entered as secondary IP addresses then NAT the traffic, or would I assign the customer usable to the WAN directly and add the remaining as secondary?
Sorry, new at fiber setup and you help is appreciated.
Here is what CC gave me:
Assign to your Layer 3 device:
P2P IP: 50.*.*.128/29
Gateway: 50.*.*.129
Customer Layer 50.*.*.130-50.*.*.134
P2P Subnet: 255.255.255.248
Customer’s Usables:
Customer Allocation: 50.*.*.0/27
Customer Useable IPs: 50.*.*.1 - 50.*.*.30
Customer Allocation Subnet: 255.255.255.224
Usable IPV6 Block – N/A
DNS Servers:
Primary: 75.75.75.75 Secondary: 75.75.76.76
So for the WAN address, would i assign the 50.*.*.130 with the 50.*.*.129 as the GW and then use the customer usables entered as secondary IP addresses then NAT the traffic, or would I assign the customer usable to the WAN directly and add the remaining as secondary?
Sorry, new at fiber setup and you help is appreciated.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
A key difference between the cable and fiber services is that Comcast makes you do your own routing with the fiber service.
That said, I would invest in a router or layer 3 switch. 2Makes life much easier. That device would be between your Sophos and the Comcast fiber unit.
That said, I would invest in a router or layer 3 switch. 2Makes life much easier. That device would be between your Sophos and the Comcast fiber unit.
"So for the WAN address, would i assign the 50.*.*.130 with the 50.*.*.129 as the GW"
thats correct.
you may use a private IP address-range at the customer lan and use NAT / masquerading at the external interface.
or you use the "customer usable " IP range at the LAN or DMZ and are free to use NAT also or not.
thats correct.
you may use a private IP address-range at the customer lan and use NAT / masquerading at the external interface.
or you use the "customer usable " IP range at the LAN or DMZ and are free to use NAT also or not.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial