Hello, I’m trying to figure out a way to get a client a public IP address with out using NAT, I’ve thought of a few ways but wanted to see if anyone had done it before, before i started messing around in a production router.
Attaching diagram of the part of my network that effects my client.
TIA
BTW I know I left out how I am thinking about how to do it
You must create a separate VLAN for public IP delivery. There are two ways, how to do it:
Create a special subnet with mask 30 and route it:
Example: You have a C subnet from your ISP: A.B.C.0/24 with default gateway A.B.C.1. You cut the sub net A.B.C.16/30 for client. Create a VLAN which is terminated on your Gateway with address A.B.C.17/30. Client setup A.B.C.18/30 with default gateway A.B.C.17/30. You can use standard ip filter to filter the traffic.
You expand your ISP connection to the VLAN.
Example: You have a C subnet from your ISP: A.B.C.0/24 with default gateway A.B.C.1. You bridge your ether1 with the VLAN. Client setup A.B.C.18/24 with default gateway A.B.C.1. You can use the bridge firewall to filter the traffic.
I’ve not dealt with vlans before, those will work fine with those 2 internal routers we have?
Yes, sorry, it’s not necessary to do a VLAN. I you setup A.B.C.17/30 on the last router Tower1. Then setup routing on gateway A.B.C.16/30 to the 10.11.xxx.xxx address of Tower1.
I think something is getting lost. I’ve attached an updated picture w/ a description about how my network is setup.
now I can add another RB at the customers location if that would help.
I tried setting it up like your last post, but I didn’t get anywhere. I may have done something wrong.
edit. attached wrong image
I think about it again, and I have made mistakes. If you have only one subnet from you ISP, there is only one way using VLAN. If you have independent addressing for connection and separate public subnet, there the other ways as I decribed.