1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Assign one PPPoE "sticky" IP to RV082?

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by drewbixcube, Aug 17, 2006.

  1. drewbixcube

    drewbixcube LI Guru Member

    I'm setting up an office using Bellsouth's odd mix of PPPoE and static or "sticky" IPs. I say "odd", but maybe it's common and I've just never had to deal with it before. Anyway, the RV082 is working fine in PPPoE mode - by design it pulls a different IP address that is *outside* the range of the stack of 5 IPs assigned to this office. I'm able to assign individual IPs to specific machines using one-to-one NAT. What I can't figure out is how to assign one of those IPs to the router itself, for VPN, port forwarding, etc... As a quick fix I'm using DDNS but ultimately I'd like to be able to use one of "our" IPs to reach the router.

    Thanks for any sugggestions -- I won't be surprised if I'm missing something obvious!

    +drew
     
  2. d__l

    d__l Network Guru Member

    Is the IP that the router is assigned always different each time it makes a PPPOE connection? That would be different than the way AT&T works their sticky PPPoE static IPs.
     
  3. drewbixcube

    drewbixcube LI Guru Member

    Yep, seems to work identically to Bellsouth's dynamic PPPoE, different IP every time it authenticates.
     
  4. pablito

    pablito Network Guru Member

    I have something similar here in Canada but I also asked for a static IP. The WAN PPPoE gets that IP and the "stickies" are then used similar to what you're doing. Can you get a static IP for the main PPPoE?

    Otherwise a good dynamic DNS works rather well.
     
  5. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    That is a strange one...I deal with static PPPoE IPs all the time..on SNET/SBC (now AT&T..AGAIN) clients..where they have a business grade DSL account, and have a fixed IP address all the time.

    But is your situation one where you're given multiple IPs? Like...5x different public IP addresses?
     
  6. pablito

    pablito Network Guru Member

    I think he is getting a block of IPs that is in a different subnet from the PPPoE IP. That is how it works up here. You are expected to route those IPs. Somehow they are dynamicaly routing the IPs to whatever IP he gets from PPPoE. Pretty neat trick but a static IP is even better.

    Either way it will work. One to One NAT for the added IPs and port forwarding for the PPPoE IP should work. Agreed that static IP on PPPoE works just fine and is what I have on one of my RVs. It would be extra special if I could add additional IPs to an interface of an RV/WRT...
     
  7. drewbixcube

    drewbixcube LI Guru Member

    That's exactly right. The PPPoE IP is different after each authentication, and is never in the same subnet as the IPs assigned to this office. So the only way I have found to access the router directly (for VPN, for example) is to use DDNS. That actually seems to work well so far, but it strikes me as an awfully indirect approach -- I use DDNS for my lower-end clients with dynamic IP and didn't expect to need it it for a business customer with 5 IPs!

    Ideally I'd like to tell the RV082 to "listen" on one of those 5 IPs, regardless of the actual PPPoE IP. But none of the routing or forwarding options seem to accomplish this, though of course I could be missing something.

    Thanks!
     
  8. pablito

    pablito Network Guru Member

    Interesting. You should be able to ask for a static IP for the WAN IP. However that isn't your problem if dynamic DNS works for you. One-One NAT is the only way I can see making this work without adding another hardware device in front or behind the RV. However that requires you to carefully configure the internal IPs of the machines you want to use the 5 public IPs. Not a big deal either. But how to handle specific traffic you want to expose to the internet? If you wanted to have 3 web servers how to make 3 specific public IPs listen instead of the WAN IP?

    I haven't used One-One NAT so I can't say if new options appear for doing it as I would expect. On my system that has a similar ISP I'm using a linux router that allows additional IPs on an interface. My RV is setup to grab a single IP each from two ISPs and the linux router handles all the other IPs. This way I can have specific IPs listening on specific ports that forward to specific internal IPs. (The RV was a recent addition so I never got to try One-One)

    From the docs it appears that One-One exposes the designated internal IP to traffic hitting its designated external IP. You would have to create firewall rules to allow the type of traffic you want to pass and then block everything else. Perhaps you'll get new interface options in the rules when using One-One. <-true?

    Bottom line, I'd be asking for a feature request that allows for additional IPs on an interface. And then forwarding/firewall rules that allow for designating specific IPs instead of the whole interface. The RV is in a class that would have multiple IPs as a common scenario.
     

Share This Page