Multiple IP to one WAN port

Achro
Achro Posts: 8  Freshman Member
First Comment Friend Collector
edited April 2021 in Security
Dear All,

I have a ZyWall 110. From ISP I'v got a 12 public IP range (mask: 255.255.255.240). I need to get them all to WAN1 port. 
I'm absolute beginner ZyWall user, so please help me. What IP adress need to be the WAN1 interface, how trunk the all address. After configure the WAN and LAN, I have to make 2 site-to-site VPN connection too :(

Every help welcome

Tamas from Hungary
«1

All Replies

  • Achro
    Achro Posts: 8  Freshman Member
    First Comment Friend Collector
    As I see, the ZyWALL automaticaly use them.
    Sorry for dumb question
    T.
  • PeterUK
    PeterUK Posts: 3,456  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    So how you getting their Public IP's? With the WAN port connected to your modem do you get one of the public IP's? Or some other IP?

    Are you looking to have your LAN with these Public IP's or use 192.168.1.xxx and NAT them to the Public IP's?


  • Achro
    Achro Posts: 8  Freshman Member
    First Comment Friend Collector
    Hi PeterUK, 

    I get them all to WAN1 from ISP's modem. 
    I have 3 local VLAN 192.168.180-181-182 for LAN, Management and Guest. 
    For LAN VLAN I set DHCP server, but unfortunately my PC can't get IP.

    Thx

    Tamás
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Hi @Achro,
    Can you see DHCP packet coming to ZyWall110 Lan/VLAN interface ?
    If you cannot see client send DHCP request packet on ZyWall110 Lan/VLAN interface.
    You can check downlink switch VLAN setting

    Packet capture for DHCP
    Router> packet-trace interface ge3 extension-filter port 67 or port 68

  • Achro
    Achro Posts: 8  Freshman Member
    First Comment Friend Collector
    edited July 2020
    Zyxel_Cooldia,

    Yes the request packets are coming, but no reply packet :(

    THX

    Achro

    UPDATE: I change the policy settings and now it works!

  • Achro
    Achro Posts: 8  Freshman Member
    First Comment Friend Collector
    So my VLANs and internet connection are working.
    But ...
    I have a web server too. My WAN interface address is x.x.x.205. The web server's public address is x.x.x.193, local address is 192.168.180.50 and it is in VLAN5.
    How the hell can I set working NAT and policy rules and the two public address.

    I'm afraid I need to set up an external VLAN as well, but what IP address do I need for the WAN port if the external VLAN is x.x.x.192 / 28?

    THX
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Hi @Achro,
    Do you mean two public IP Source NAT for 192.168.180.50(Outbound) or Destination NAT(Inbound)?
    As for second question, there is no need to set up vlan for this. Just pick a valid public IP for device wan interface.
  • Achro
    Achro Posts: 8  Freshman Member
    First Comment Friend Collector
    edited July 2020
    Dear @Zyxel_Cooldia,

    I have IP range x.x.x.192/28 : 

    Broadcast: x.x.x.207

    HostMin:   x.x.x.193

    HostMax:   x.x.x.206

    Def. GW: x.x.x.206

    Netmask: 255.255.255.240

    I would like to use them all.

    Our sit2site VPN is x.x.x.205 and this is the WAN1 port's IP now, I can ping it, but I can't the x.x.x.193, whitch is the web server's public IP. 

    THX

    T.


  • Achro
    Achro Posts: 8  Freshman Member
    First Comment Friend Collector
    Zyxel_Cooldia,

    Yes the request packet are coming, but no reply packet :(

    THX

    Achro
  • Achro
    Achro Posts: 8  Freshman Member
    First Comment Friend Collector
    Zyxel_Cooldia,

    Yes the request packet are coming, but no reply packet :(

    THX

    Achro

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)