cancel
Showing results for 
Search instead for 
Did you mean: 

DG834 setup with Plublic IPs

N/A

DG834 setup with Plublic IPs

Hi,

I originally asked this in ADSL and did not get an answer so I'm trying here.

I have just got a block of 8 IP addresses from Plus.net and I am having a little difficulty setting up my network to match, probability due to my lack of understanding.

The block is ***.***.***.248 to .255 with net mask .248. IP .248 is shown as the gateway and I assume that this is the plu.net gateway to the internet. So using the netmask the 1st usable IP address I have is (1) this is my router and when I connect the system gives me ***.***.***.249, but a net mask of 255.255.255.255 so Q1 is this correct?

My moden etc is a Netgear DG834, I have set this to no NAT and the Lan IP address of the router to .250 with netmask .248 ie (2) as the DG834 does not seem to like have the same IP address on the Lan as the Wan connection. Q2 is this correct or can I just rely on the no NAT allowing the LAN to route the public IP addresses through the router to the gateway? The reason I ask is that this does not seem to work, but that could be due to other (internal) network problems.

With the DG834’s Lan IP set to a public IP, the firewall seems to still be active and blocking all incoming ports. If I use port forwarding it does allow connection through to the relevant public IP. Q3 Can I turn off the DG834’s Firewall? Port forwarding defeats the object of the exercise. I haven’t been able to find an option on the DG834’s menus for this and the Netgear site does not help.

What I am trying to active is something like:

Public IP Destination.

1 Router
2 Mail Server
3 FTP Server
4 Application Server (Uses HTTPS)
5 Web Server (Uses HTT & HTTS)
6 Gateway/ firewall/ router to Local network.
7 VPN Server ?

Note: all outward facing machines have dual Ethernet cards one public with firewalls and only the relevant ports open and the other on the local network for admin etc.

So Q4 can I do the above with the DG834 or will I have to change it? If so what is the best solution? Eg modem + Ethernet switch for the public addresses.

Thanks
_________________
Rob

Moderators note by John (johnessex) Original post removed. Please dont post the same thing in two places as you could get replies to both which then causes confusion.
23 REPLIES
FillDee
Grafter
Posts: 28
Registered: 30-07-2007

DG834 setup with Plublic IPs

Rob,

If you have 8 addresses from Plusnet, then you need a switch to connect all your PC's to. The Netgear is a router. By definition it needs a different subnet on the WAN port, or it can't route. You can, however, forget the WAN port and just use the LAN ports, but I believe there are only 4 ports. Not enough for you.

Bottom line. You don't need a router. Get a switch. Use an ADSL modem plugged straight into it. Problem is your firewall capabilities.

You can do what you want with a top quality software firewall product such as MS ISA (if MS can be considered top quality Smiley ), but not with the limited Netgear product. You need to create a DMZ which the Netgear can't do (only a default server which is useless). That way you can define which server get the requests for which IP address. The firewall software NAT's the incoming addresses to the DMZ addresses for you.

Phil
N/A

DG834 setup with Plublic IPs

Just thought I'd point out, the DG834 does do DMZ.

You would need a switch, but the DG834 can support 200+ computers.

You cannot turn the firewall off, but you could add rules which effectively disable it. You can also turn Nat off as well.
N/A

DG834 setup with Plublic IPs

I think I am going to get a cisco. Cheers anyway
FillDee
Grafter
Posts: 28
Registered: 30-07-2007

DG834 setup with Plublic IPs

Gadgetboy

Quote
Just thought I'd point out, the DG834 does do DMZ


How ? I cannot see anything remotely like this ?

Having said that, I haven't actually read the manual Smiley

Phil
N/A

DG834 setup with Plublic IPs

I'll find the option tonight when I go home, but it does do DMZ, since I used to use it for playing PS2 Games, before I had entered all the firewall rules.

or RTFM lol Wink
N/A

DG834 setup with Plublic IPs

It is in wan setup
Community Veteran
Posts: 14,469
Registered: 30-07-2007

DG834 setup with Plublic IPs

I don't think DMZ is relevant to your issue. All it allows is to forward all packets to a defined IP address on your local network. It's on the WAN setup page.

Have you tried the following:

- Disabled NAT
- Setup a incoming firewall rule to allow all connections through (this overrides the default of block always). This effectively turns off your firewall
- Set Use Router as DHCP Server under LAN IP settings
- Define a set of static routes on the Lan IP setup page to assign each of your PCs Mac addresses the specific IP address you want them to have. Or make each of your PCs use a static IP address and disable use DHCP on the router

Setup each PC to still use DHCP (or a static IP)

Restart / reboot everything.
N/A

DG834 setup with Plublic IPs

The problem I had was related to how my private network was interacting with the firewall settings on the netgear. I have looked at number of options including an ethernet modem and a swicth but I think the best option for the way my network is setup is to by a second hand ciso 1720. I was try to do things on the cheap. Thanks for all your help. Cheers Cheesy
Community Veteran
Posts: 14,469
Registered: 30-07-2007

DG834 setup with Plublic IPs

Have you actually tried what I suggested?
N/A

DG834 setup with Plublic IPs

I was not the netgear at fault is was the firewall at the gateway to my internal network not working as I tought. It would not take a second port forwarding from the netgear, also not allowing hhtps e.g logging into plusnet, msn ect and cookies stopped working. Open all the ports on the netgear still the same problem. So I am going to have spend money anyway so I may as well go the whole hog and do it right.
FillDee
Grafter
Posts: 28
Registered: 30-07-2007

DG834 setup with Plublic IPs

Sorry if I have missed something here, but, the Netgear is a ROUTER. Therefore the external port is a different subnet to the internal port. Since all the IP addresses Likely has are external addresses (provided by PLUSNET) then the router function cannot work and hence the netgear cannot be used. As far as I can see in the setup, there is no way to act as a 5 port switch, which is what you would need.

As far as the DMZ is concerned, it is a DMZ default server, not a whole De Militerized zone that the Netgear is capable of. That would require the setup of a further subnet (ie 3 - external, internal and DMZ). The netgear is a simple, although very good, device, but unless there are hidden configuration pages, it is simply not capable of doing what is required here. NAT is needed for a DMZ, so turning it off will defeat the object. Unless there is someway for you to define where an external IP address is mapped to an internal one (not Port forwarding as it is not enough) then multple IP addresses are of no use to the Netgear.

If I am wrong, then please correct me, but I will take some convincing Smiley
N/A

DG834 setup with Plublic IPs

Well the netgear can do more than port forwarding and it's capable of forwarding external IP address to internal Lan IP address or vice versa, which is needed. Which can be enhanced with specific ports as required.
You can also setup static routes as well.
FillDee
Grafter
Posts: 28
Registered: 30-07-2007

DG834 setup with Plublic IPs

How ? I am not being faecetious, I am just interested (and learning this comms stuff Smiley )
N/A

DG834 setup with Plublic IPs

The DG834 has a switch built into it as well. Its a router/modem/switch.

The user guide even states multiple ip addresses can be assigned. It gives a couple of examples of static route setups, albeit none of them relevant to the kind of setup you want.

I would listen to what peter has to say, as im sure it is possible with this router. I was about to try it myself so would be very interested in the outcome.