1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

1800HG > WRT54G > BEFSX41. Routing static IPs, etc.

Discussion in 'Networking' started by pmcintire, Aug 3, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. pmcintire

    pmcintire Thread Starter

    Joined:
    Jan 12, 2006
    Messages:
    25
    Hey everyone, I was wondering if I could get some guidance in setting up what I consider to be an interesting network structure.

    Right now my office network is running off of a 2WIRE 1800HG. We have a block of static IPs and those are routed to workstations that need static with successful connectivity. This unit sits at the default .1.254.

    We also have a WRT54G with routing turned off acting as an access point on the third floor. This is offering successful wireless connections and static ip routing works right through it. This unit sits at .1.60.

    We also need to implement a BEFSX41 with VPN endpoint onto the network. Currently this unit is sitting at .1.30 with routing off.

    This is where the questions come in:

    The client who needed the VPN endpoint supplied us with the BEFSX41 and have requested that we give it a static IP so that it can be accessed and configured by one of his staff out on the internet. I have been struggling with trying to figure out how to make this possible.

    In the 1800HG, it has become evident that routing external static ips within the block is only possible to do with workstations that are pulling dynamic ips off of the 2WIRE. There doesn't seem to be the option to give something sitting static on the area network (.60 or .30) the ability to have an external IP.

    Could anyone be able to give me some info or guidance as to best figure this out? I'm assuming that it's possible (as most things are).

    Thanks!
     
  2. rainforest123

    rainforest123

    Joined:
    Dec 28, 2004
    Messages:
    8,256
  3. extrados

    extrados

    Joined:
    Jun 21, 2006
    Messages:
    24
    pmcintire,

    Setting up a device with a public static IP on a 2Wire HomePortal can certainly be done, although it may be a little different configuration than you are used to. The biggest difference is that the HomePortal doesn't just pass through the ports to a computer with a private address -- it actually gives the device the public address (although the HomePortal firewall is still active by default.) Since it sounds like you already have other computers using some of your static IPs, I'm going to assume you have the 2Wire configured for those and just address the configuration of the new BEFSX41.

    First, check one of the other devices that is using a static IP address from the 2Wire via DHCP. Take down what it is using for the subnet mask and default gateway.
    Next, setup the BEFSX41 to have one of your public IPs as its WAN address, and the subnet and gateway you got from the other computer.
    Finally, access the HomePortal and change the firewall settings for the BEFSX41 so that it is in DMZPlus Mode. This will allow all traffic to that public IP to go to the BEFSX41.

    That should fix it so the BEFSX41 is public. Since the HomePortal identifies computers by their MAC addresses, it would always give the BEFSX41 the same address if you set it up to use DHCP and then used the Address Allocation feature to give it one of the public IP addresses, but the configuration I have detailed above should work if you cannot use DHCP on the BEFSX41.

    Hope this helps,
    extrados
     
  4. pmcintire

    pmcintire Thread Starter

    Joined:
    Jan 12, 2006
    Messages:
    25
    extrados,

    It did work perfectly that way actually. I've posted on broadbandreports.com for help on this issue and ended up getting a response encouraging the same exact thing. I tried it all in the office today and saw a lot of success -- minus a couple of problems that turned up.

    This is the setup:

    AT&T is supplying us with a block of 5 sticky statics, in range .233 to .237. The 1800 is acting as the primary PPPoE router and modem. It's bridged to the mask 255.255.255.248 to allow those sticky statics to pass through.

    The problem with the 1800 (and what started this whole mess) is that it only lets you assign one of those five statics from AT&T to devices on the lan that are pulling local dynamic IPs from the 1800 DHCP server. If you have another router sitting on the lan assigned staticly (in the case of the WRT) you cannot give it a sticky static from the AT&T block. Yet, any workstation pulling a DHCP address from the 1800 can be assigned a sticky static in a matter of seconds.

    So, patching from the 1800 (it actually goes through a hub before it actually connects) to the BEF's WAN port worked wonders. After setting the BEF to pull a dynamic IP off the WAN port, the 1800 gave it a local area IP immediately. After it was assigned 192.168.1.65 (identifable in the device list as the BEF's mac address), I went in to the management website of the 1800 and gave that IP the sticky .237. The BEF refreshed itself after just a couple of moments -- and it was live on the internet through its new sticky right away.

    What followed was a little bit of troubleshooting to get everything talking correctly. I set the DHCP server on the BEF to assign the block 172.168.1 for IPs .1 through .5. and gave it the LAN address 172.168.1.254. I turned off NAT, and the Firewall and connected my notebook to see if it would pull an IP off the new net supplied by the BEF. It didn't. So I set my notebook static to 172.168.1.1 and it connected and I could again get to the management pages of the BEF. I discovered that in this mode, hardly anything was working. I could ping the router only, and while DNS would resolve (as I set a DNS server via static) it could not ping out or get to any webpages. I wondered if this was indeed NAT being off that was the culprit, so out of curiousity, I reenabled NAT on the BEF. It began working at that point.

    Currently, anything on the BEF's network can ping its own LAN (172.168.1.*) and anything on the main network (192.168.1.*) as well as anything out on the net. I haven't checked any of the boxes on the 192.168.1 side to see if they can ping anything on 172.168.1 but I assume that they would not be able to. However, just as I can from home, anything in the office can access the BEF with its new sticky IP of .237.

    Now, the question is: will having NAT running on the BEF while NAT is also running on the 1800 cause any problems? And how exactly will the VPN be set up for the other endpoint. The NAT thing I'm not sure about, the VPN thing isn't my responsibility.

    So as of now, things appear to be working. Any further suggestions?

    Thanks so much for your help!
     
  5. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    Don't fix stuff that ain't broke! :D

    How's that for a suggestion. ;)
     
  6. extrados

    extrados

    Joined:
    Jun 21, 2006
    Messages:
    24
    In the case of a "router sitting on the lan assigned staticly" you just have to configure it to have similar settings to what a workstation would pull. Since you already configured it with DHCP and it pulled down the public .237 IP address, if you wanted to configure it statically, you would just hardcode in the information it is currently getting via DHCP. i.e. - x.x.x.237 IP, same subnet mask, etc. The HomePortal handles public IP usage on the LAN by actually giving the IP address to the device, not just mapping IP to IP, so if you hardcode the public info to the Linksys, everything should continue to work.

    Regarding the double NAT, just make sure that the HomePortal firewall setting for the Linksys is DMZ, and since it is on a public (non-shared) IP, NAT should not be an issue. DMZ will also make sure that all protocol or port information should be passed through to the Linksys.

    extrados
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - 1800HG WRT54G BEFSX41
  1. ejolly
    Replies:
    6
    Views:
    291
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/489245

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice