Link to home
Start Free TrialLog in
Avatar of Adam D
Adam D

asked on

Ubiquiti Edgerouter X - multiple public IPs

I understand how to set multiple public static IPs to the WAN interface (usually eth0).  But I am in a unique/new situation (to me) on trying to figure out the following.

I am subscribing to a satellite service (no other viable option).  They offer "persistent IP's" which is ALMOST like public static IP's, I am being told (still discussing that with them).  The way they present it is:

a) Installation
b) Connect your device to the modem
c) Get an IP address
d) They manually map their DHCP address to the MAC address of your device in their table
e) Now you have a static IP (which is supposed to be routeable) - ie. Public

So, I am trying to figure out how in this scheme of things, I can statically map an email server behind NAT to this public IP.

Currently I have static mapping in my cisco T1 router where inside = outside, one to one mapping.

Moving off my older Cisco 1841 to the Edgerouter X for more functionality.

Thoughts on how to achieve that in the Edgerouter X?

Thanks.
ASKER CERTIFIED SOLUTION
Avatar of Alan
Alan
Flag of New Zealand image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Adam D
Adam D

ASKER

A bit, thanks Alan.  But, I am wondering with this new setup and not getting the public IP's until AFTER connection - how would that work for the internal natt'd device?
Hi Adam,

Unless I am missing / misunderstanding, it should not really matter.

The external IP can change, but assuming packets are hitting the WAN side of the ER-X (from your modem / ONT or whatever), then the ER-X will forward them (or not) according to whatever rules you have in place.

Consider the situation where you have a dynamic external IP (fully routable, but not static at all) and are using a dynamic DNS provider to map a hostname to your (changing) IP.  Packets from outside (smpt - port 25 for example) would be aimed at the hostname, which is resolved to your current IP, and the packets come in to that IP, and end up at eth0 (say).  The ER-X then forwards accordingly.


To setup the rules, from the main 'Dashboard' screen, click on 'Firewall / NAT' which will, by default, take you to the 'Port Forwarding' screen.  Select the WAN interface as eth0 (or as appropriate), and the LAN interface as appropriate, then 'Add Rule'.


Perhaps give it a go, and if it doesn't work, post back with full details of your setup and the ER-X configuration?


Thanks,

Alan.
Avatar of Adam D

ASKER

Thanks Alan.

My new installation is not happening until next week, but I wanted to get ahead of the game to make sure I understand all the different aspects of how this might work and what I could/should expect.

I have always been under the impression having a static IP was, if not necessary, the best way to go for an Email server and it is the way I have been doing it for years now.  Are you saying that is not necessary (or no longer necessary) and using a DDNS works as well with no email communication loss?

- Adam
Hi,

Almost anyone running a mail server will have / want a static IP address.

You *can* do it with a dynamic address, but you have to have a mechanism for updating the dynamic DNS provider when your IP changes.  Many, probably most, such providers would likely have an application that you can install on your server, and you can also do that within the ER-X:

The following providers are explicitly supported:

    Afraid (Requires server to be hard-coded)
    Dnspark
    Dslreports
    Dyndns
    Easydns
    Namecheap
    Noip
    Sitelutions (Requires serial number to be set as the hostname)
    Zoneedit


https://help.ubnt.com/hc/en-us/articles/204952234-EdgeRouter-Built-in-Dynamic-DNS

You should also make sure that you ISP allows you to run a mail server on a dynamic IP (it varies - some require a business account with a static IP included) and that they allow incoming and outgoing connections destined for port 25.


Alan.
Avatar of Adam D

ASKER

Right, which is why I have a static on my current connection.  My new connection has their "version" of static IP's but apparently they cannot give me my static IP until after it binds to my MAC address through DHCP at which point they reserve it, I suppose.

I am still unclear of their process, it does not appear to be the usual method.

Well, I will find out next week and keep you updated.

Thanks. :)
Okay - Worst case, you might have to update your DNS records once the IP changes.

Generally, DNS changes will propagate within a few hours, and I rarely see more than 24 hours these days (no guarantees though - you have no control over how a third party configures their DNS servers).

Sounds like you should be fine :-)

Alan.
Avatar of Adam D

ASKER

Thanks for the detailed responses.  Your information was very helpful.
You're welcome - glad it worked out

Alan.