cancel
Showing results for 
Search instead for 
Did you mean: 

IP Routing Question

N/A

IP Routing Question

I have a Binatone 2100 Router supplied with my ADSL service which is currently configured for NAT.

I have also been assigned a 16 block of IP addresses (14 usables) with this account - the subnet ID is 80.x.x.128, my router is currently assigned an IP address of 80.x.x.129 and my broadcast address is 80.x.x.143.

Now I want to plug several devices directly into this router and assign "routable" static IP addresses to them (i.e. 80.x.x.130 and upwards) to support such things as a firewall, a separate VPN end-point and other devices.

Can anyone offer any suggestions on how exactly I'm meant to configure my router? I've tried asking F9 but they've told me that they don't support this....! Looking at the router, it seems possible, but I just need someone to give me some guidance on how to get started..

Does anyone have any experience of this at all please?

Thanks in advance,

Peter
10 REPLIES
N/A

Router & NATs on Binatone

Hi Peter,

Well I have a few years in IT & Computing & networking including router installation and configuration. OK I think we need to clarify a couple of things here first off.

1) When force9 say they dont support this, what I think they mean is that your router is NOT considered part of what they can offer technical support on. Or to put it another way non of the support staff can help you with your specific router, they're NOT trained on its in's & out's.

2) You've said in your post that your SUBNET ID is 80,xx.xx.128. This looks like an IP address and NOT a subnet mask and the term SUBNET ID is pretty unhelpful and confusing here. OK we use IP address's to uniquely identify devices such as routers or servers or PC's, Laptops, workstations etc when they are connected to a LAN or WAN (internet). The SubNet Mask is used to divide a large scale (size) network into smaller separate networks. A subnet mask is usually written as 255.255.255.0 or 255.255.xx.xx.

**A Networks ID can be worked out from it IP address, so for example part of Force9's own network ID is 255.56.88.xx (the 255.56.88 portion gives you F9's network ID).

**OK back to YOUR router (sorry! I digressed abit), lets go back to basic's for a minute here. Your Binatone 2100 router should have an external WAN (public facing internet ) IP adress for example 255.56.88.?? which is supplied to you by F9 this has to be a unique IP address and you will probably have to write this into the configuration page manually by hand, then probably have to save & reboot the router for that to take effect. After that your router should be visable by F9 and someone like myself who knows your IP can then ping your router to see if its present on the network or internet.

**Can I just check with you does your router have a DHCP server built into it? and does it have a firewall built into it? Does your router auto-detect your line & network parameters (settings) enabled or not?

**You need to understand exactly HOW & WHAT NAT's does? Network address translation will translate an incoming request for information to a specific IP address (ie. your routers IP) and translate that too a completely different IP address of another machine sitting behined your firewall or router.

So for example: "computer A" has your website on and has an IP of 192.33.57.09 your routers WAN IP 255.56.88.100 (for example) So router's IP ==>> NAT ==>> computer A & website, so inbound request for your website at domainname xxxxx.co.uk (is associated with 192.33.57.09) is translated via your router at 255.56.88.100. (so 255.56.88.100 to 192.33.57.09).

**For specific services you need to allow specific ports to be opened such as VPN pass through etc. See if your router offers port forwarding.

**Check your router's firewall isnt enabled so that its blocking the services you might need/want.

Ivan

--------------------------------------------------
F9 FOL Forum Moderator
F9 Broadband Premier 2MB User
N/A

IP Routing Question

Ivan,

Thanks for the reply....

To clarify some of my posting:

1) My router was supplied by Force9. Therefore, I think I should be reasonably entitled to expect them to have a degree of knowledge about the products they are selling me. However, their support engineers appear to be unaware of how to enable a non-NAT configuration in this router which I assume is not an unknown requirement when you request additional IP addresses...

2) My subnet ID is 80.x.x.128 - I actually have a subnetted range which starts with my subnet network id of .128 and ends with a "broadcast" address of .143, everything from .129 to .142 is a "usable" from within my 16 block. My subnet mask is 255.255.255.240.

3) You're right - my router does have several settings in relatin to WAN IP addresses - it picks up what appear to be dynamically assigned addresses in the scope 195.166.128.x but another screen in the router config is telling me that my router's WAN IP address is 80.x.x.129 (part of my 16 IP range). It then also tells me that my internal IP address for this router is 192.168.1.2 which implies NAT is in use. F9 support can ping the 80.x.x.129 address fine but that's as far as they're prepared to go in supporting it.

4) The router does operate DHCP and does have a firewall, my internal devices are currently leasing IPs in the 192.168.1.x space.

5) I assume the router is downloading a config from F9 somewhere but I am not sure how this aspect works.

6) I do understand NAT - the router works fine as a NAT device but I now need to turn this off and statically assign the 80.x.x.x addresses for other devices, however, when I try to do this, none of the devices can ping or be pinged, equally, F9 are unwilling to help me troubleshoot this any further. It looks to me that I need the router to assign a different IP address outside of my 16 block to the WAN (Outside) interface and assign the 80.x.x.x addresses inside instead of 192.168.1.x. however, I don't see how this can be achieved with the current router options. Port forwarding options are available but I actually just want to put devices into my 16 block and let them manage the traffic themselves rather than use NAT & Port forwarding.

In summary it seems to me that the Binatone 2100 is not a great piece of kit, and I have to admit some dismay at finding that F9 are refusing to assist with supporting something they sold to me. But, the biggest problem is the apparent lack of non-NAT capability on this router - I suspect that the non-NAT service "should" work which means I think there's a likelihood of a bug or firmware problem. Alternatively, if anyone has got any experience of using their additional IPs in this way then I'd be grateful for any further advice.

Regards,

Peter
N/A

Binatone Router replying,Ivan

Hi Peter,

Its hard answering these kind of questions because its difficult to know how much knowldge users have on networking & IP's etc but in your case you seem to have a reasonably good grasp of the concepts involved.

**OK I can accept what your saying about being supplied the Binatone router by F9 this seems like a pretty grey area to me?. Well its NOT very good if F9 didnt make it crystal clear to you before you purchased this device that they couldnt help you with the setup config of the product and that they couldnt offer any technical support on it either. Yes! I can see your point of view on that.

**Yes! perhaps you've summarised it well, but the only thing I can think of here is that you should look to see if you can turn off NATS completely, I wonder if there is a check box or radio button that allows this (turns on or off nats) in the binatone setup config page. If you can turn off NATS completely then this might allow you to manully assign all the required IP address's by hand. If this isnt at all an option then I think you need to look & think again. Thats all I can suggest really sorry I know this wont sound very helpfull probably.

**Humm!! who ever said routers are simple?

Ivan

--------------------------------------------------
F9 FOL Forum Moderator
F9 Broadband Premier 2MB User
N/A

IP Routing Question

Ivan,

Thanks for the swift response - there IS an enable NAT checkbox but when I untick it and save/reboot, the router will not pass any traffic at all from other IP addresses within my 16 block.

Because I can't get any help with the actual settings

I've tried 4 different devices, all with differing configs (Seeing as F9 are unwilling or unable to tell me what the "correct" setting should be, I'm trying all variations to ensure I don't overlook the right one!) but still cannot see anything at all. I.e. I cannot ping the router from my laptop. Nor can I ping any of the devices from outside.

There's no detailed manual supplied with the router or even downloadable from Binatone, so I'm really stuck in a hard place here. I'd prefer not to have to buy a Cisco ADSL router or similar just to make this work...

The annoying thing is, I think this should just work!

Does anyone else have any ideas?

Cheers,

Peter
N/A

A Router that does the job required? Ivan

Hi Peter,

OK I think you've spent enough time trying to make this work now. If the device you've purchased from F9 doesnt provide you with the services you specifically require then I think your well within your consumer rights to send the Binatone 2100 router back to F9 and request your money back, I definately would if it was me. As the item is not fit for the purpose required!! it just isnt capable of what you want / need.

I think your going to have to look around for a router that specifically allows you a manual setup for a Non NAT configuration and I'm sure there must be suitable routers out there in the market.

**If the Binatone 2100 doesnt even have a makers guide or downloadable PDF manual to instruct you in a Non Nat config I think your pretty stuffed mate to put it mildly. Shockedops: Really sorry but thats my conclusion, I think your banging your head on a brick wall with the Binatone 2100.

Ivan

--------------------------------------------------
F9 FOL Forum Moderator
F9 Broadband Premier 2MB User
N/A

IP Routing Question

I agree.

I don't think the Binatone supports what you're trying to do.

Non nat isn't really the way to go for security and scaleability reasons. You need an ADSL router that supports multiple IP's on th the WAN side port, and Apart from very epensive and difficult to configure Cisco kit, you may bo out of luck.

I'd try a cheap router only with a hub behind it, run your perimeter machines there locked down with IPSec and firewall NAT to your internal network. This enables you to leave mail and web servers exposed but keep your private network unpublished.
N/A

IP Routing Question

I submitted a support ticket to F9 basically saying that I wasn't happy with the router, and that I should reasonably be able to expect some support on something they had sold me.

I got a reply back from their technical support team basically saying they don't support anything other than their basic configuration!! Whilst it appears you can get additional IP addresses, they won't help you configure your router to use them nor offer any assistance with getting it working.... this is bizarre.

Disabling NAT on my router so that I can utilise a "proper" firewall and other devices is not rocket science but it would appear that getting anyone from F9 to assist is asking the impossible. I'm now reconsidering my use of F9 as my ISP following this revelation......

I've tried chasing it up 3 times but support won't even respond to my updates - not only is that plain rude, but it is very unprofessional. I am very, very disappointed.
N/A

IP Routing Question

I don't really know how you expect suport to react, You have the IPs pointing up your line, that's their job done IMO. :?
N/A

End of the line Binatone 2100

Hello globalgroup

I know from your previous postings that you had really gone into all this in some depth, so we all know that you've made a sterling effort to get this router to work in the way you need. Personally DONT waste any more of your time or effort on this, its pretty clear its NOT going to give you what you need. Just box the router up and send it back to F9 and ask for your money back. Really!! I cannot see F9 being able to object after this much stress & hassle.

I mean really no! manual, no support and doesnt do what you need how much clearer can it be?. I know your probably reluctant to let it go but I think the point has come when you have to cut your losses and serious think again about finding another device that will a) specifically give you exactly what you require as stated in its sales documentation b) look for another way or technique to achieve the same goal.

*I'm so sorry that you've had to struggle with this but I cannot see you getting further with the Binatone 2100 now.

Ivan

--------------------------------------------------
F9 FOL Forum Moderator
F9 Broadband Premier 2MB User
N/A

End of the line Binatone 2100

Hello globalgroup

I know from your previous postings that you had really gone into all this in some depth, so we all know that you've made a sterling effort to get this router to work in the way you need. Personally DONT waste any more of your time or effort on this, its pretty clear its NOT going to give you what you need. Just box the router up and send it back to F9 and ask for your money back. Really!! I cannot see F9 being able to object after this much stress & hassle.

I mean really no! manual, no support and doesnt do what you need how much clearer can it be?. I know your probably reluctant to let it go but I think the point has come when you have to cut your losses and serious think again about finding another device that will a) specifically give you exactly what you require as stated in its sales documentation b) look for another way or technique to achieve the same goal.

*I'm so sorry that you've had to struggle with this but I cannot see you getting further with the Binatone 2100 now.

Ivan

--------------------------------------------------
F9 FOL Forum Moderator
F9 Broadband Premier 2MB User