03-04-2014 05:42 PM
I have a PPPoE connection w/5 Static IP's routed through the connection. I have done this many times before but on the RV320 it DOES NOT work!
I setup One-to-One NAT and mapped the 5 public addresses to 5 private addresses and cannot get it to route. Is there a trick to getting the RV320 to route public addresses? I entered an Access Rule to allow all traffic to the private addresses. No luck! I did change the private LAN to 10.0.1.1 from it's default - other than that it's the same ole'.
Any ideas would be great!
03-05-2014 05:49 AM
Hello John,
Are all the addresses in the same range as your WAN IP?
Nagaraja
03-05-2014 07:13 AM
Thanks Nagaraja for your reply. Yes, the block of IP's are in the same range as the WAN IP however there is a caveat. The internet provider routes the block through a PPPoE connection to their system. The IP assigned to the WAN connection has the same IP as the first IP in the block but with a different subnet. This routing is very common to PPPoE DSL accounts in the USA. Cisco - on the other hand - does not have any love for us PPPoE users. I have fought with every Cisco router I have ever purchased with this account configuration.
The way the connection works is you choose PPPoE and enter your username and password. When the connection trains you will get an IP address such as 75.90.23.15/255.255.255.255 (not real). That connection will pass a block of IP's through a 2nd interface on the connection such as 75.90.23.15/255.255.255.248. On EVERY Cisco router I have used prior to the RV320 it sees it as the same subnet. In fact, even the RV320 sees it as the same subnet and complains if I enter the 15/248 as the VLAN (for routing purposes) I could go into a list of issues with PPPoE and Cisco routers but suffice it to say that the implementation of PPPoE on Cisco routers is poor at best.
I have several Cisco devices so I connected a ISA550 to the PPPoE connection and used Static NAT with no issue. I was transitioning to the RV320 since the ISA550 is being phased out but it needs more help. I work for a software company and if we put out software so that our clients could pay to be beta testers, we would be out of business. Somehow Cisco survives this way.
03-05-2014 12:24 PM
Well I can set the modem to handle the IP block (didn't want to do that, but oh well) and I wanted to make sure before I change this network that it will work. I can assign the 1st IP in the block to the WAN1 port of the RV320. I can then use One-to-One NAT for the servers - correct?
Does One-to-One NAT automatically give open access to the server or do I have to set access rules? Some of these routers give full access with 1-to-1 and others require that it be given with rules.
03-05-2014 02:32 PM
Hi JS.
I have similar issue too, in my case, my PPPoE WAN IP is different to the secondary static pool of IP ( block of 8 in this case, routing is done by the ISP through my PPPoE WAN IP).
I've tried:
1) Adding the block of 8 static IP pool under Setup->Network->Mutliple Subnet Table ( this reveals a HTML/Javascript bug on the 1-1 NAT setup page where if you choose a subnet of 255.255.255.248, it automatically expects xxx.xxx.xxx.1 - 6, which in my case my public IP pool starts from xxx.xxx.xxx.161-166, javascript will block subsequent action).
2) Setup 1-1 NAT in accordance to the guideline does nothing to route packets from WAN to LAN, this is verified with another router sitting behind the RV320 and inspecting incoming packets ( packets come through via WAN IP and disappears ).
I can however statically assign public IP to the intended clients, the problem is that I will then lose acces to other VPN sites connected to the RV320 under different subnets as the routing only works properly when your client is on the same primary LAN subnet as the RV320 ( or more precisely the VPN local IP subnet ).
I hope this gets answered soon.
Cheers!
JY
03-05-2014 03:04 PM
John,
I can then use One-to-One NAT for the servers - correct?
Correct.
Does One-to-One NAT automatically give open access to the server or do I have to set access rules? Some of these routers give full access with 1-to-1 and others require that it be given with rules.
I believe that access rules are necessary on the RV320 for One-to-One NAT traffic.
- Marty
03-06-2014 08:11 AM
FYI - in case anyone needs this information - One-to-One NAT opens all ports to the server. You have to use Access Rules to restrict access which is the way I like it. Now if we could get some of the other bugs squashed this may turn out to be a decent router.
07-28-2015 08:51 AM
no they are not (for me).
07-28-2015 08:50 AM
Hello,
I have this issue too. My ISP provided me with a /27 block of IP addresses which I have to configure on an interface in order to route them through the default ISP gateway. No way can I configure one-to-one NAT because I cannot get the address block configured on the WAN interface (as it already has the interconnect IP address):
Example:
WAN
IP: 1.2.3.253
Subnet: 255.255.255.252
Gateway: 1.2.3.254
Public IPs: 2.3.4.0/27 (2.3.4.0 - 2.3.4.31; usable from 1 to 30 as 0 is network 31 is broadcast)
The ISP has routed this block to my WAN IP (1.2.3.253).
How can I do one-to-one NAT or at least IP forwarding through the DMZ or VLAN on one of the ports?
Please help!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide