5 Replies Latest reply on Sep 18, 2019 11:32 AM by jayh

    Netvanta 3448 Routing IP Address Block

    alexharrisdcj New Member

      I'm pretty new to routing (I usually work on the Firewall side), and I need to do something that seems like it should be easy, I'm just not sure if I have a good understanding of what I'm doing here.

       

      My ISP provided some IP address information...

       

      LAN: XXX.173.174.224/29
      Default Gateway: XXX.173.174.225
      Subnet Mask: 255.255.255.248
      Customer IP First: XXX.173.174.228
      Customer IP Count: 3

       

      I have three devices/networks that need to be able to use those IP addresses as follows...

      1. XXX.173.174.228 => will be used by our firewall
      2. XXX.173.174.229 => will be used by Router 1
      3. XXX.173.174.230 => will be used by Router 2


      Is there a way to set this up where each of the devices can plug into a respective switchport on the 3448 and be allowed to use the indicated IP address?

      I'm not sure how the initial configuration of the ISP needs to be setup to allow this.

       

      I imagine what i'm trying to achieve is fairly straightforward, I'm just in a position where I can't test easily without bringing our entire network down.

       

      Any help would be super appreciated,
      Thanks!

        • Re: Netvanta 3448 Routing IP Address Block
          jayh Hall_of_Fame

          Examine your Comcast cable modem. Some versions have a built-in switch and four Ethernet jacks that can be plugged directly into your devices.

           

          Alternatively, you can use switch ports on the 3448 to connect the WAN side of your devices.

           

          I'm assuming that the 3448 is going to be one of the routers, call it Router1. If the 3448 isn't going to be one of the routers, you can still use its switchports to carve out a small layer 2 switch, but the configuration will be slightly different. If all that the 3448 is doing is functioning as a layer 2 switch to interconnect the firewall and routers, the 3448 probably isn't the best product. Its switch ports are only 100 Mbit and its routing capability makes it overkill. Just use a "dumb" unmanaged gigabit switch. Basic configuration assuming that the 3448 is working as Router1:

           

          !

          vlan 100

            name "Comcast-WAN"

          !

          interface switchport 0/1

            description Comcast WAN feed

            switchport access vlan 100

            switchport mode access

            no shutdown

          !

          interface switchport 0/2

            description Router2 WAN

            switchport access vlan 100

            switchport mode access

            no shutdown

          !

          interface switchport 0/3

            description Firewall WAN

            switchport access vlan 100

            switchport mode access

            no shutdown

          !

          interface vlan 100

            ip address XXX.173.174.229 255.255.255.248

            no shutdown

          !

          ip route 0.0.0.0 0.0.0.0 XXX.173.174.225

          !

           

          You would connect the Comcast feed into switch port 0/1, Router2 into switch port 0/2, and the firewall into switch port 0/3.

           

          As far as configuration, on the other routers and firewall you'll configure the interfaces with their respective IP addresses, all with a subnet mask of 255.255.255.248. 3448 syntax will be similar to:

           

          (on  Router2)

          interface gi 0/1

          description Comcast WAN

          ip address XXX.173.174.230 255.255.255.248

           

          (on firewall)

          interface gi 0/1

          description Comcast WAN

          ip address XXX.173.174.228 255.255.255.248

           

           

           

          On each device you'll want a default route pointing to the Comcast next-hop. On the 3448 the syntax is:

           

          ip route 0.0.0.0 0.0.0.0 XXX.173.174.225

           

          Syntax on the other devices may be different.

            • Re: Netvanta 3448 Routing IP Address Block
              alexharrisdcj New Member

              Sorry, I may have been unclear. "Router 1" and "Router 2" are separate from the 3448. They are devices that need to be routed from the 3448. Also, in this instance we're not using Comcast, we're using Allstream (not really relevant). I've renamed my routers below, in a very crude ascii diagram.

               

                                               /-------- => Firewall (manages most of network)
              Router 1(3448) =>  /---------- => Router 2

                                              \---------- => Router 3

                • Re: Netvanta 3448 Routing IP Address Block
                  jayh Hall_of_Fame

                  OK, gotcha. If your ISP is directly giving you the addresses for router 2, router 3, and the firewall, then you don't really need or want the 3448. All you need is a four-port switch. Plug the Allstream connection into one port and the routers and firewall into three more.

                   

                  There are some scenarios where an ISP will deliver a WAN link, typically with a 255.255.255.252 netmask, and then route the actual IPs for your use over that link. In this case your ISP would have given you two different subnets and you would need a front-end router for your other devices. This doesn't seem to be the case.

                   

                  Are you using the 3448 for anything other than to connect your Internet connection to the other devices? If not, I would replace it with a basic four-port switch. You could use an Adtran 1531 for this. If so, what else are you using the 3448 for?

                    • Re: Netvanta 3448 Routing IP Address Block
                      alexharrisdcj New Member

                      Okay, that sounds right to me.

                       

                       

                      This is actually just a spare 3448 we had, was hoping to be able to use it rather than purchasing more equipment. Can the 3448 be used in a similar way, or am I better off just purchasing new equipment?

                        • Re: Netvanta 3448 Routing IP Address Block
                          jayh Hall_of_Fame

                          You can use the 3448 if the connections are 100 Mbps or less. It has a built-in 8-port switch with 100 Mbit interfaces. If your ISP handoff is gigabit ethernet and speeds over 100 Mbit you'll want to get a gigabit switch.

                           

                          From factory default it will just work if you use four of the eight switchport interfaces to connect your two routers, firewall, and ISP connection. For best practice, log in to the 3448 and shut down the vlan1 interface just to be safe.