I hope this is the right place to ask this question.
We have a Lancom 1781A connected to a KPN Gemnet router by a transparent ethernet configuration on DSL port 2. Gemnet is a private network for Dutch municipalities. To connect to another network (Diginetwerk) through Gemnet KPN says whe have to use the folowing rule:
If dest IP == diginetwerk IP then source == Gemnet AOD else Gemnet private IP
So for example if we want to reach ip 145.21.185.52 then our source ip should be 95.152.171.1 but for destination 10.250.51.17 the source should be 10.250.15.1.
Is this possible and how can I configure this?
Thanks in advance
Henry
Alternate source address
Moderator: Lancom-Systems Moderatoren
-
Dr.Einstein
- Beiträge: 2921
- Registriert: 12 Jan 2010, 14:10
Re: Alternate source address
Hey Henry,
Iam not 100% sure if understood the scenario completly. Is the transparent ethernet connection a layer 2 connection or do you have to configure a gateway address?
- use the internet wizard to configure a plain ethernet connection on DSL Port 2, use 10.250.15.1 for your ip-address
-> every outgoing connection will use your 10.250.15.1
-> if you dont want to have KPN Gemnet as your default route edit the entry with 255.255.255.255 / 0.0.0.0 KPN Gemnet to 145.21.185.0 /24 e.g.
- add a firewall rule, source: local net + destination: 145.21.185.52, action allow + policy based nat address 95.152.171.1
Hope it will work.
Dr.Einstein
Iam not 100% sure if understood the scenario completly. Is the transparent ethernet connection a layer 2 connection or do you have to configure a gateway address?
- use the internet wizard to configure a plain ethernet connection on DSL Port 2, use 10.250.15.1 for your ip-address
-> every outgoing connection will use your 10.250.15.1
-> if you dont want to have KPN Gemnet as your default route edit the entry with 255.255.255.255 / 0.0.0.0 KPN Gemnet to 145.21.185.0 /24 e.g.
- add a firewall rule, source: local net + destination: 145.21.185.52, action allow + policy based nat address 95.152.171.1
Hope it will work.
Dr.Einstein
Re: Alternate source address
Hello Dr. Einstein,
Thanks for the quick reply. It's indeed a layer 2 connection and I have configured an ip-address and a gateway address. It's not the default route and I have that set up in the routing table so all the traffic to Gemnet and Diginetwerk is routed through this connection. I will add a rule to the firewall for the masquerading and see if that's the solution
Regards,
Henry
Thanks for the quick reply. It's indeed a layer 2 connection and I have configured an ip-address and a gateway address. It's not the default route and I have that set up in the routing table so all the traffic to Gemnet and Diginetwerk is routed through this connection. I will add a rule to the firewall for the masquerading and see if that's the solution
Regards,
Henry
Re: Alternate source address
I'm still in a discussion with KPN about what to do to get this working. The KPN router is a Cisco one with a primary and secondary address:
interface Vlan10
description Customer LAN.
ip address 95.152.171.1 255.255.255.224 secondary
ip address 10.250.15.254 255.255.255.0
For Gemnet I have to use 10.250.15.254 and for Diginetwerk 95.152.171.1.
KPN says I have to do a NAT translation in and out in order to use the secondary address, but I'm not sure how to do this. Apparently this is not the same as masquerading. When I masquerade the connection there is no response.
Regards,
Henry
interface Vlan10
description Customer LAN.
ip address 95.152.171.1 255.255.255.224 secondary
ip address 10.250.15.254 255.255.255.0
For Gemnet I have to use 10.250.15.254 and for Diginetwerk 95.152.171.1.
KPN says I have to do a NAT translation in and out in order to use the secondary address, but I'm not sure how to do this. Apparently this is not the same as masquerading. When I masquerade the connection there is no response.
Regards,
Henry
-
Dr.Einstein
- Beiträge: 2921
- Registriert: 12 Jan 2010, 14:10
Re: Alternate source address
Hey Henry,
sadly it's not possible to configure two different ip-addresses on one WAN interface on a Lancom router.
Two options:
1) You could ask KPN to configure the secondary ip-address range on an separate vlan id. Lancom supports multiple wan connections with diffent vlan tags over one wan interface.
2) You can use two different ethernet interfaces on the Lancom router.
Regards,
Dr.Einstein
sadly it's not possible to configure two different ip-addresses on one WAN interface on a Lancom router.
Two options:
1) You could ask KPN to configure the secondary ip-address range on an separate vlan id. Lancom supports multiple wan connections with diffent vlan tags over one wan interface.
2) You can use two different ethernet interfaces on the Lancom router.
Regards,
Dr.Einstein