Urgent One to One Nat assistance required

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
charzelo
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 6

PostPosted: Tue Nov 19, 2013 19:52    Post subject: Urgent One to One Nat assistance required Reply with quote
My apologies in advance as I don't know if is the right place to post this:

We have 62 static addresses from our isp. We need to assign some of our internal devices (copiers, voip phones, etc) public addresses. From my previous draytek router there was an option to add a 2nd network. This is where we added the addresses.

From my understanding I will need to have a One to One Nat configured on the dd-wrt. I have read numerous articles on here as well as the official One to One NAT page but i can't seems to find the solution.

I have got the start-up script right but the firewall script is where i am having issues
WANIF=`get_wanface`
ifconfig $WANIF:1 xxx.xxx.xxx.65 netmask 255.255.255.192 broadcast xxx.xxx.xxx.127
WANIF=`get_wanface`
ifconfig $WANIF:2 xxx.xxx.xxx.66 netmask 255.255.255.192 broadcast xxx.xxx.xxx.127

----------------
WANIF=`get_wanface`
ifconfig $WANIF:62 xxx.xxx.xxx.126 netmask 255.255.255.192 broadcast xxx.xxx.xxx.127

Please help. Thanks
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Wed Nov 20, 2013 0:04    Post subject: Reply with quote
There's nothing to work w/ here. Those ifconfig lines are part of the startup script, which you said you had “right”. But then you tell us you're having problems w/ the firewall script, and leave it there.

All I can recommend at the moment is the dd-wrt wiki:

http://www.dd-wrt.com/wiki/index.php/One-to-one_NAT

Beyond that, until you describe what you did w/ YOUR firewall script and what's happening (error messages, behavior, etc.), as I said, there's nothing to work with here.
charzelo
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 6

PostPosted: Wed Nov 20, 2013 19:00    Post subject: Reply with quote
eibgrad wrote:
There's nothing to work w/ here. Those ifconfig lines are part of the startup script, which you said you had “right”. But then you tell us you're having problems w/ the firewall script, and leave it there.

All I can recommend at the moment is the dd-wrt wiki:

http://www.dd-wrt.com/wiki/index.php/One-to-one_NAT

Beyond that, until you describe what you did w/ YOUR firewall script and what's happening (error messages, behavior, etc.), as I said, there's nothing to work with here.


Sorry if i am being vague. I understand that in order for my setup to work i need to:

1. retrieve the addresses from my isp which is the startup script:
WANIF=`get_wanface`
ifconfig $WANIF:1 xxx.xxx.xxx.65 netmask 255.255.255.192 broadcast xxx.xxx.xxx.127
WANIF=`get_wanface`

2. assign the static addresses to the LAN address. which is the firewall script. Here is my code so far:
#CopierReception 192.168.1.13
iptables -t nat -I PREROUTING -d xxx.xxx.xxx.65-j DNAT --to 192.168.1.13
iptables -t nat -I POSTROUTING -s 192.168.1.13 -j SNAT --to xxx.xxx.xxx.65
iptables -I FORWARD -i $WANIF -d 192.168.1.13 -j ACCEPT


This seems to be working for some of the devices but not all. This solution is perfect for the VOIP phones but not for the copiers as the copiers are attached to a remote server. The copiers need public addresses assigned in order to print from the server.

Is there any way i can manually input the public addresses without relying on the NAT configuration?

Thanks
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10143

PostPosted: Wed Nov 20, 2013 23:15    Post subject: Reply with quote
You need to use VLAN's to put the copiers in the same VLAN as the WAN port so that they are directly connected to your ISP.
_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
charzelo
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 6

PostPosted: Wed Nov 20, 2013 23:24    Post subject: Reply with quote
phuzi0n wrote:
You need to use VLAN's to put the copiers in the same VLAN as the WAN port so that they are directly connected to your ISP.


could you please forward me to guides on how to do this?
charzelo
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 6

PostPosted: Thu Nov 21, 2013 17:33    Post subject: Reply with quote
i finally found an article that is the solution to all my problems and then relaised that my router (wndr3700v2) chipset isn't vlan supportive.
Is there any other way around this?

Please help
charzelo
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 6

PostPosted: Sat Nov 23, 2013 12:43    Post subject: Reply with quote
Still no reply? Please help guys
Mile-Lile
DD-WRT Guru


Joined: 24 Feb 2013
Posts: 1468
Location: Belgrade

PostPosted: Sat Nov 23, 2013 21:37    Post subject: Reply with quote
did you tried:

Code:
http://192.168.1.1/Vlan.asp


192.168.1.1=IP adress of your router?
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sat Nov 23, 2013 22:18    Post subject: Reply with quote
charzelo wrote:
i finally found an article that is the solution to all my problems and then relaised that my router (wndr3700v2) chipset isn't vlan supportive.
Is there any other way around this?

Please help


Seems to me if you need no NAT for some devices, and you have a router that doesn’t support VLANs, you’re stuck, at least if you’re trying to do this w/ one router.

So rather than trying to FORCE the situation w/ one router and a “virtual” LAN, why not use a second router and a “real” LAN! Simply place two routers behind a switch (obviously connected to the modem). Have one for one-to-one NAT’d public IPs (and all other traffic), and the other w/ no NAT for those devices that need to be on the public space.

VLANs are simply a convenience. Yeah, it’s cool, slick, maintains a small footprint. But sometimes it just doesn’t work out. But nothing stops you from using the real thing when you need it.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum