I have a CCR1009 and I am trying to send a public IP trough a wireless point to point link from my CCR1009 to a RB2011
Configuration as follow:
CCR1009
BridgeLocal= Local Ports 192.168.X.X/22 for local network sfp1 port on this network.
BridgeWAN= Public IP x.x.x.x/26 DHCP created on BridgeWAN
Vlan10 VlanID 10= Vlan created in BridgeLocal and is part of the BridgeWAN
Ether1-WAN=Wan port receiving Public IP's
sfp1= To CRS125-24G-1S Switch
CRS125 switch to Wireless AP Ubiquity with an static IP from the local network
Customer antenna in BridgeMode with a static IP from the local network for management.
Customer router is RB2011
Ether1-WAN=it has the cable from the antenna to get the IP
Vlan10 Vlan ID 10 in Ether1-WAN
DHCP Client created with Vlan10.
I am not getting IP address from the CCR1009.
I can assigned a local ip from the local network of the CCR1009 doing double NATING but that is what I want to avoid and wanted to deliver a Public IP to the customer with a VLAN but I can't on wireless scenario I can on switches but not on the wireless Scenario. Any help will be appreciate.
-
-
ariosvelez
newbie
- Posts: 29
- Joined:
- Location: Ocala, FL
- Contact:
Re: Vlans trough Wireless point to point link
Why not just do a stateless 1:1 NAT mapping to the static private address and get rid of the complexity?
Another simple way to get the public IP to the client w/o having to bridge a VLAN across a few devices is to point static routes to the assigned public IP /32 - in the CCR, route it to the 2011's private IP, and make sure the srcnat and dstnat chains both have an "accept" rule for that public IP so that it simply passes through the router w/o getting translated.
Then the 2011 can use srcnat/dstnat with this public IP address instead of masquerade.
If you want to do it with bridging, why not use an EoIP tunnel between the CCR and 2011 so that you don't have to have the extra tagged VLAN everywhere? In CCR, instead of the vlan10 interface, make an EoIP tunnel interface with the internal IP of the 2011 as the remote IP, and the LAN IP of the CCR as the local IP. Then connect the EoIP interface to WAN bridge (only). On 2011, make a static route to the internal IP of the CCR via the actual private IP of its AP, but then put the public IP address on the EoIP interface and set the default GW to the public IP network's default route?
Having two different IP addresses with two different routing policies on the 2011 can get complicated.
Another simple way to get the public IP to the client w/o having to bridge a VLAN across a few devices is to point static routes to the assigned public IP /32 - in the CCR, route it to the 2011's private IP, and make sure the srcnat and dstnat chains both have an "accept" rule for that public IP so that it simply passes through the router w/o getting translated.
Then the 2011 can use srcnat/dstnat with this public IP address instead of masquerade.
If you want to do it with bridging, why not use an EoIP tunnel between the CCR and 2011 so that you don't have to have the extra tagged VLAN everywhere? In CCR, instead of the vlan10 interface, make an EoIP tunnel interface with the internal IP of the 2011 as the remote IP, and the LAN IP of the CCR as the local IP. Then connect the EoIP interface to WAN bridge (only). On 2011, make a static route to the internal IP of the CCR via the actual private IP of its AP, but then put the public IP address on the EoIP interface and set the default GW to the public IP network's default route?
Having two different IP addresses with two different routing policies on the 2011 can get complicated.
Who is online
Users browsing this forum: Amazon [Bot], Bing [Bot] and 69 guests