Router with the ability to do multiple IP forwarding.

Forums › 2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus) › Router with the ability to do multiple IP forwarding.

Naylz

42 posts

Geek
+1 received by user: 1

#127409 9-Aug-2013 10:10

We are just about to get UFF installed with callplus. The lines have been laid and we expect to go live next Wednesday.

I have just received a router from Callplus which is a CISCO 521W. I haven't played with it yet, but did a bit of research online. Does anyone know about this router. Is it able to port forward different IP addresses to different servers.

I understand that the Cisco 540 series are capable of doing this but not the 520 series.

Any

Inphinity

2780 posts

Uber Geek
+1 received by user: 1184

#874435 9-Aug-2013 10:42

Unless there has been a fairly recent update for the 521W that I haven't seen, no, it won't support forwarding form multiple WAN IPs to different locations. The problem I've seen is the NAT configuration on the 520 series doesn't includerule-filtering on the destination IP - all inbound traffic on a given port follows the rule for that port. So, if you had WAN IPs 1.2.3.4 and 5.6.7.8, you could just set up one rule that is "Port 9 inbound forwards to lan IP x.x.x.x", whereas on, say, the 540 series, you can do "Port 9 inbound to 1.2.3.4 forwards to x.x.x.x / Port 9 inbound to 5.6.7.8 forwards to y.y.y.y"

Naylz

42 posts

Geek
+1 received by user: 1

#874442 9-Aug-2013 10:51

That's what I got from my reading. Thank you for that.

cheers
Naylin

Zeon

3926 posts

Uber Geek
+1 received by user: 759

Trusted

#874499 9-Aug-2013 12:07

Why not get Callplus just to give you a public subnet for your servers? Will make things much cleaner for you and they have plenty of IPv4 space. They just need to route a /28 or /29 to your WAN address and you can run a normal firewall on the Cisco.

Speedtest 2019-10-14

Naylz

42 posts

Geek
+1 received by user: 1

#882472 21-Aug-2013 22:30

Zeon: Why not get Callplus just to give you a public subnet for your servers? Will make things much cleaner for you and they have plenty of IPv4 space. They just need to route a /28 or /29 to your WAN address and you can run a normal firewall on the Cisco.

This has been done but I don't know what the next step is. Can you help please.

Just posted my setup etc here

http://www.geekzone.co.nz/forums.asp?forumid=66&topicid=128741

cheers
Naylin

Zeon

3926 posts

Uber Geek
+1 received by user: 759

Trusted

#882496 22-Aug-2013 00:22

So what you should have in that case from Callplus is a linking IP or range which goes on the WAN address of your router e.g. 123.123.123.2

Callplus then need to configure their system to say that your subnet gets routed to that e.g. 200.200.200.0/29 next hop 123.123.123.2. This subnet is now yours to route as you please. You would usually create a new interface on your router e.g. on my router I have the following interfaces:

WAN: 1.1.1.2
ISP gateway: 1.1.1.1
PublicLAN: 2.2.2.1
PrivateLAN: 10.0.0.0/24

My servers would then be:
web: 2.2.2.2
active directory 2.2.2.3

etc.

I can now access those servers all directly via the internet so I put on firewall rules to limit access to my house's connection for management ports and allow all to 2.2.2.3 on port 25 as it runs my mail server.

If a client in the PrivateLAN wants to connect to the server they go via your router.

Does that make sense?

Speedtest 2019-10-14