SearchSearch   ProfileProfile   Log inLog in   RegisterRegister 

Using Real IPs

 
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum
View previous topic :: View next topic  
Author Message
Shadoza



Joined: 06 Apr 2006
Posts: 54
Location: Chaparral NM

PostPosted: Mon Aug 07, 2006 10:35 pm    
Post subject: Using Real IPs

Hello,

We have started using a /21 block of IPs that we got from our T1 providers. We have set up the routing tables at the first hop. Everything is working well, except that still cannot remote desktop to the PCs behind the FirstSpot Server with Windows Remote Desktop. Proxy ARP is turned on while using the real IPs as of now. Should we disable Proxy ARP? The only problem is that is how we put in the /21 block of IPs and disabled some from DHCP so we could assign those to our equipment, which we still cannot access outside of the network, even though they have real IPs.

What can we do so we can access our equipment, and customers can remote into their equipment using the real IPs?
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Tue Aug 08, 2006 7:48 am    
Post subject:

This is quite complicated. Currently v4 does not have "native" real IP support.

However, you might be able to make it work using the following workaround:

1) First, I assume the number of available real IP is smaller than the number of client PC. Namely, you need to mix real IP with NAT.

2) The setup will be like:

Client -> FirstSpot -> Router -> Internet

3) You need to turn off NAT within FirstSpot, while keeping ProxyARP off too

4) Now, assuming you have NAT in your router. The next step is to setup return route to FirstSpot for all the client's PC IP address (e.g. 10.20.7.x).

5) Depends on your router, somehow you need to turn on "addressmapping" so that for each real IP, you need to "map" it to a client IP (e.g. 10.20.7.34).

6) Finally, you might want to tweak the FirstSpot DHCP server so that you give special arrangement to those special IP (e.g. 10.20.7.34). You can either use the Static DHCP mode so that those IP is always assigned to a particular client device, or you can put those special IP in the Excluded IP list so that you can assign the IP manually.

Please give us feedback on your testing result.
_________________
~ Patronsoft Limited ~
Back to top
Shadoza



Joined: 06 Apr 2006
Posts: 54
Location: Chaparral NM

PostPosted: Tue Aug 15, 2006 5:55 am    
Post subject:

Alan

1) This is an incorrect assumption. We have about 2200 IPs, which is a bit more than enough to support our customers' needs.

2) We are not using NAT in our first hop router.

Thanks for your response and I am sorry it took so long for me to get back to you.

If these two assumptions do not apply, will that make a difference to the other steps mentioned in your reply?
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Tue Aug 15, 2006 6:26 am    
Post subject:

In that case, you don't need to make any change in the FirstSpot DHCP server (step 6).
_________________
~ Patronsoft Limited ~
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Tue Aug 15, 2006 6:30 am    
Post subject:

For step 4 & 5, even you don't have NAT, you still need to setup return route somewhere in your network (in order to inform the return path of 10.20.7.x is going to FirstSpot). This part will highly depend on your network topology and you need to consult with a network specialist.
_________________
~ Patronsoft Limited ~
Back to top
Shadoza



Joined: 06 Apr 2006
Posts: 54
Location: Chaparral NM

PostPosted: Tue Aug 15, 2006 6:36 am    
Post subject:

Thanks Alan,

Yes we do have the routing table set up in the firsthop router, but I do not know about address mapping. Everything is working fine and when I go to www.whatismyip.com it gives me the same IP that firstspot assigned to me.

Would port filtering on the server block the use of logging into equipment outside of the network even if they had real IPs?

Thanks
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Tue Aug 15, 2006 6:50 am    
Post subject:

In your case, you don't need address mapping.

Yes, port filtering will probably have some effect. The easiest test is to turn it off and see whether this solves your problem.
_________________
~ Patronsoft Limited ~
Back to top
Shadoza



Joined: 06 Apr 2006
Posts: 54
Location: Chaparral NM

PostPosted: Tue Sep 05, 2006 1:54 am    
Post subject:

Alan, please direct me to the file that handles First Spot's DHCP.

Thanks.
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Tue Sep 05, 2006 2:44 am    
Post subject:

What file do you mean? You should change your FirstSpot DHCP setting within FirstSpot Configuration Manager.
_________________
~ Patronsoft Limited ~
Back to top
Shadoza



Joined: 06 Apr 2006
Posts: 54
Location: Chaparral NM

PostPosted: Tue Sep 05, 2006 3:25 am    
Post subject:

If we disable ProxyARP and NAT then the tables for the IPs go away. Is there something else that I am missing?
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Tue Sep 05, 2006 3:34 am    
Post subject:

That IP table is for ProxyARP only.

Normally, FirstSpot DHCP IP address space is determined by:
1) Private Network Interface IP and subnet mask
2) minus Excluded IP list

When ProxyARP is enabled (and NAT is disabled), the IP address space will be solely determined by the ProxyARP IP table instead.
_________________
~ Patronsoft Limited ~
Back to top
Shadoza



Joined: 06 Apr 2006
Posts: 54
Location: Chaparral NM

PostPosted: Tue Sep 05, 2006 9:42 am    
Post subject:

Alan,

We set up the DHCP like you said and it worked great! I wish I knew it was that easy all along. The upgrade procedure seems a bit complicated, I'll start a new ? for that one.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group