6 Replies Latest reply on May 7, 2013 7:42 AM by mhobbscts

    Transparent Range of WAN IPs on a 3120

    mhobbscts New Member

      Hello Everyone,

       

      First Post! I have a question about the ability to create a transparent range of WAN IP addresses on a Netvanta 3120.  I am looking for the exact same functionality as described in this post on the Netvanta 2000 UTM: https://supportforums.adtran.com/docs/DOC-2407

       

      I would like to use the 3120 to enforce QoS on a 10m Ethernet circuit, I have a /29 block of addresses and I need to assign one to the 3120 and I would like to be able to allow a Cisco 5505 to connect to another public IP through a port on the Adtran.  The Cisco is managed by the IT company and I work for the company installing the VOIP system.  I figured this is the best way to give them control of their own equipment while I can still have the Adtran prioritize voice traffic.  Can this be done or is there a better (or simpler ) way to configure this?

       

      Thank you!!

        • Re: Transparent Range of WAN IPs on a 3120
          Employee

          mhobbscts - Welcome to the forum!

           

          Please let me know if I misunderstood any part of your question. It seems like you have two public IP address ranges available. One will be used on the Cisco to Adtran connection, while the other range is available to use how you wish. There are a couple of ways I would consider setting this up:

           

          Option 1:

          This option would have eth 0/1 as your WAN port. You would then create a VLAN interface for the second public IP range. One of the IP addresses would be assigned to the VLAN interface, while the remaining would be used on any equipment that requires it. This equipment would need to plug into the switchport(s) you assigned to the VLAN. Generally, this setup is used for DMZs or if there is another firewall sitting behind the NetVanta.

           

          Option 2:

          This option would also have eth 0/1 as your WAN port. However, you would assign the second public IP range as secondary IP addresses on eth 0/1.  This is generally used when a port forward is required using external IP addresses.

           

          In both of these options, WAN eth 0/1 would be where you would configure the QoS map.

           

          I hope this answers your question, but please do not hesitate to let us know if it does not or if you think of anything further.

           

          Thanks,

          Noor

            • Re: Transparent Range of WAN IPs on a 3120
              mhobbscts New Member

              Thank you for your request.

               

              We will respond as soon as possible.

              • Re: Transparent Range of WAN IPs on a 3120
                mhobbscts New Member

                Thanks noor!

                 

                I don't have a separate range of public IP's in this case.  What I want to do is to allow a device behind the Adtran to use another public IP from the same range. I don't want to alter the traffic in any way, with the exception of QoS.

                 

                I have setup a 1335 to pass through a single public IP address in my lab, All I did was assign two ports to VLAN 2 and turned on IP proxy arp on the interface connected to the ISP. I then applied QOS to VLAN 2 out bound.  Here is some of the config:

                 

                interface switchport 0/24

                  no shutdown

                  switchport access vlan 2

                !

                !

                interface gigabit-switchport 0/1

                  no shutdown

                  switchport access vlan 3

                !

                interface gigabit-switchport 0/2

                  no shutdown

                  switchport access vlan 2

                !

                !

                !

                interface vlan 1

                  ip address  192.168.20.1  255.255.255.0

                  access-policy Private

                  ip route-cache express

                  no shutdown

                !

                interface vlan 2

                  ip address  x.x.x.x  255.255.255.248

                  ip proxy-arp

                  access-policy DMZ

                  qos-policy out VOIP

                  ip route-cache express

                  no shutdown

                 

                Gig 0/2 is connected to the ISP and Swx0/24 is connected to another device using another public IP.  Will this apply qos properly to all traffic going through the Adtran to the ISP?

                  • Re: Transparent Range of WAN IPs on a 3120
                    Employee

                    mhobbscts - If you only have one public subnet to work with, you can set it up as you did on the 1335. The 3120 will allow you to create VLANs as the 1335 does using the 4 internal switchports on the 3120. It would mean that the eth 0/1 interface on the 3120 does not need to be used.

                     

                    If you do set up the VLANs and QoS as you have mentioned above, then QoS will apply properly. The only change you need to make on the 3120 and the 1335 is to set the traffic-shape rate on the public VLAN to be the upload speed you are guaranteed by your ISP. Otherwise, with QoS enabled, the NetVanta will assume that whatever speed the switchport is coming up at is the bandwidth that is available (which is generally never the case)

                     

                    Please do not hesitate to let us know if you have any questions.

                     

                    Thanks,

                    Noor