3 Replies Latest reply on Mar 18, 2017 12:55 PM by bridges86406

    WAN static IP configuration - NetVanta 3458

    bridges86406 New Member

      I currently have a Netvanta 3448 on the latest firmware (R12.2.0.SA).

      I am trying to get the same "type" configuration that I have a DD-WRT router (this is for my house).

       

      In this specific instance I am looking to add the entire IP block that I have from my ISP to the router.

      I currently have my ISP connection plugged into Eth 0/1.

      I have my private network on switchport 1 with DHCP enabled and two switches (vLAN tagging allowed)

      The configuration that I would like to see is that my IP block (xxx.xxx.xxx.202/29) comes in and are allocated onto the device.

      I would then like the main IP xxx.xxx.xxx.202 to route over vLAN1 through port switchport 1.

      I then have two other devices  that I want to setup with Static IPs, on the private network, that will need to also receive a public IPs (xxx.xxx.xxx.203 and xxx.xxx.xxx.204).  These need no firewalling at all.

      At this time the other public IPSs are unused.

       

      I am very new to Adtran and have programmed what I have via GUI.  I am familiar enough with CLI that I can do basic things and I have no problem with searching to facilitate the information that you are able to provide. 

      Please let me know if you need me to post my current config.

       

      Thank you in advance.

        • Re: WAN static IP configuration - NetVanta 3458
          bridges86406 New Member

          So adding in my config:

           

          !

          !

          ! ADTRAN, Inc. OS version R12.2.0.SA

          ! Boot ROM version 17.06.01.00

          ! Platform: NetVanta 3458, part number 1200824G1

          ! Serial number LBADTN094XXXXXX

          !

          !

          hostname "Bridges_Router"

          enable password password

          !

          !

          clock timezone -7-Arizona

          clock no-auto-correct-DST

          !

          ip subnet-zero

          ip classless

          ip routing

          ipv6 unicast-routing

          !

          !

          domain-proxy

          name-server 74.40.74.40 8.8.8.8

          !

          !

          no auto-config

          !

          event-history on

          no logging forwarding

          logging forwarding priority-level info

          no logging email

          !

          no service password-encryption

          !

          username "admin" password "password"

          !

          !

          ip firewall

          no ip firewall alg msn

          no ip firewall alg mszone

          no ip firewall alg h323

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          no dot11ap access-point-control

          !

          !

          !

          !

          !

          !

          !

          ip dhcp excluded-address 192.168.1.0 192.168.1.99

          ip dhcp excluded-address 192.168.1.255

          ip dhcp excluded-address 192.168.1.100

          !

          ip dhcp pool "Private"

            network 192.168.1.0 255.255.255.0

            dns-server 192.168.1.1

            default-router 192.168.1.1

          !

          ip dhcp pool "Main_PoE_Switch"

            lease 49710 6 28

            host 192.168.1.10 255.255.255.0

            hardware-address 10:da:43:1d:7e:09 ethernet

            ntp-server 192.168.1.1

          !

          ip dhcp pool "Main_GigE_Switch"

            lease 49710

            host 192.168.1.11 255.255.255.0

            hardware-address e4:f4:c6:f1:2e:34 ethernet

          !

          ip dhcp pool "Living_Room_GigE"

            lease 49710

            host 192.168.1.12 255.255.255.0

            hardware-address a0:63:91:71:6a:95 ethernet

          !

          ip dhcp pool "Master_Bed_GigE"

            lease 49710

            host 192.168.1.13 255.255.255.0

            hardware-address a0:63:91:80:bc:7a ethernet

          !

          ip dhcp pool "BridgesComp"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.100 255.255.255.0

            hardware-address 98:90:96:a8:56:97 ethernet

          !

          ip dhcp pool "Printer"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.101 255.255.255.0

            hardware-address 64:51:06:67:44:c8 ethernet

          !

          ip dhcp pool "Panasonic DECT"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.16 255.255.255.0

            hardware-address 08:00:23:64:38:e6 ethernet

          !

          ip dhcp pool "BridgesPBX"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.15 255.255.255.0

            hardware-address b8:27:eb:2e:5d:a3 ethernet

          !

          ip dhcp pool "DadsPS4"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.17 255.255.255.0

            hardware-address 0c:fe:45:72:a3:b8 ethernet

          !

          ip dhcp pool "AdriaansPS4"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.18 255.255.255.0

            hardware-address 00:d9:d1:bf:f4:75 ethernet

          !

          ip dhcp pool "DadsXBOX360"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.19 255.255.255.0

            hardware-address 00:25:ae:c2:75:75 ethernet

          !

          ip dhcp pool "Front Door IPC"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.50 255.255.255.0

            hardware-address c0:56:e3:a9:6e:28 ethernet

          !

          ip dhcp pool "BridgesNAS"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.20 255.255.255.0

            hardware-address e8:fc:af:e6:a0:64 ethernet

          !

          ip dhcp pool "NW IPC 2"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.51 255.255.255.0

            hardware-address 28:57:be:50:fd:26 ethernet

          !

          ip dhcp pool "NE IPC 3"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.53 255.255.255.0

            hardware-address c4:2f:90:7b:fd:e1 ethernet

          !

          ip dhcp pool "NE IPC 4"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.54 255.255.255.0

            hardware-address c4:2f:90:20:cc:97 ethernet

          !

          ip dhcp pool "SE IPC 5"

            default-router 192.168.1.1

            lease 49710

            host 192.158.1.55 255.255.255.0

            hardware-address bc:ad:29:07:17:b0 ethernet

          !

          ip dhcp pool "SE IPC 6"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.55 255.255.255.0

            hardware-address 44:19:b6:49:eb:b1 ethernet

          !

          ip dhcp pool "Kids Hall UAP"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.21 255.255.255.0

            hardware-address 44:d9:e7:f9:7d:19 ethernet

          !

          ip dhcp pool "Office Hall UAP"

            default-router 192.168.1.1

            lease 49710

            host 192.168.1.22 255.255.255.0

            hardware-address 80:2a:a8:80:ee:67 ethernet

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          vlan 1

            name "Default"

          !

          !

          !

          no ethernet cfm

          !

          interface eth 0/1

            description Frontier Ethernet

            ip address  xxx.xxx.xxx.202  255.255.255.248

            ip address  xxx.xxx.xxx.203  255.255.255.255  secondary

            ip address  xxx.xxx.xxx.204  255.255.255.255  secondary

            ip address  xxx.xxx.xxx.205  255.255.255.255  secondary

            ip address  xxx.xxx.xxx.206  255.255.255.255  secondary

            ip address  xxx.xxx.xxx.207  255.255.255.255  secondary

            ip access-policy Public

            no awcp

            no shutdown

          !

          !

          interface eth 0/2

            no ip address

            shutdown

          !

          !

          !

          interface switchport 0/1

            no shutdown

          !

          interface switchport 0/2

            no shutdown

          !

          interface switchport 0/3

            no shutdown

          !

          interface switchport 0/4

            no shutdown

          !

          interface switchport 0/5

            no shutdown

          !

          interface switchport 0/6

            no shutdown

          !

          interface switchport 0/7

            no shutdown

          !

          interface switchport 0/8

            no shutdown

          !

          !

          !

          interface vlan 1

            ip address  192.168.1.1  255.255.255.0

            ip access-policy Private

            no shutdown

          !

          !

          !

          !

          !

          !

          ip access-list standard wizard-ics

            remark Internet Connection Sharing

            permit any

          !

          !

          ip access-list extended self

            remark Traffic to NetVanta

            permit ip any  any     log

          !

          ip access-list extended wizard-remote-access

            remark do not hand edit this ACL

            permit tcp any  any eq ssh   log

            permit tcp any  any eq https   log

          !

          !

          !

          !

          ip policy-class Private

            allow list self self

            nat source list wizard-ics interface eth 0/1 overload

          !

          ip policy-class Public

            allow list wizard-remote-access self

          !

          !

          !

          ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.201

          !

          no tftp server

          no tftp server overwrite

          http server

          http secure-server

          no snmp agent

          no ip ftp server

          ip ftp server default-filesystem flash

          no ip scp server

          no ip sntp server

          !

          !

          !

          !

          !

          !

          !

          !

          !

          sip udp 5060

          sip tcp 5060

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          !

          line con 0

            login

            password password

          !

          line telnet 0 4

            login

            password password

            shutdown

          line ssh 0 4

            login local-userlist

            no shutdown

          !

          !

          ntp server pool.ntp.org prefer

          !

          !

          !

          !

          !

          end

          • Re: WAN static IP configuration - NetVanta 3458
            bridges86406 New Member

            So in case anyone else is looking this up I was able to figure it out after a lot of playing.  Below are what I believe are the relevant parts of the config:

             

            !

            ip access-list extended web-acl-18

              remark PS4 Outbound

              permit ip any  any   

            !

            ip access-list extended web-acl-19

              remark PS4 Inbound

              permit ip any  any   

            !

            ip access-list extended wizard-pfwd-1

              remark PS4 Incoming

              permit ip any  host xxx.xxx.xxx.203     log

              permit ip any  host xxx.xxx.xxx.204     log

            !

            ip access-list extended wizard-pfwd-2

              remark PS4 Outgoing

              permit ip host 192.168.1.17  any     log

              permit ip host 192.168.1.18  any     log

             

            !

            !

            !

            !

            ip nat pool web-nat-pool-1 static

              local 192.168.1.17 192.168.1.18 global xxx.xxx.xxx.203 xxx.xxx.xxx.204

            !

            !

            ip policy-class Private

              allow list self self

              nat destination list web-acl-19 pool web-nat-pool-1

              nat source list web-acl-18 pool web-nat-pool-1

              nat source list wizard-ics interface eth 0/1 overload

            !

            ip policy-class Public

              nat destination list wizard-pfwd-1 pool web-nat-pool-1

              nat source list wizard-pfwd-2 pool web-nat-pool-1