No NAT

Discussions for BiPAC 8800 series: 8800NL, 8800NLR2, 8800AXL, 8800AXLR2
Post Reply
gerdesj
Posts: 10
Joined: Wed Oct 19, 2016 9:47 pm

No NAT

Post by gerdesj »

I bought a Billion 8800NL R2 to a few days ago via Amazon to simply connect via PPPoE over FTTC and pass through external IP addresses to the "real" router. I get a block of 16 from my ISP. I followed this: http://www.billion.uk.com/edu/VDSL2/index.html - "If you have multiple WAN IPs / block of public IPs".

My allocation is 78.33.192.48/28 from my ISP and 78.33.192.49 is given out via DHCP when requested.

Steps to reproduce:
* Factory rest Billion router
* I gave the Billion my ISP user/pass and it got 78.33.192.49 on WAN. I was able to browse the internet
* I then unchecked the NAT box on WAN and restarted it.
* My laptop is plugged into a LAN port on the Billion and I gave it an IP address of 78.33.192.60/29 with a default gateway of 78.33.192.49

Code: Select all

gerdesj@jglaptop ~ $ ipcalc 78.33.192.49/28
Address:   78.33.192.49
Netmask:   255.255.255.240 = 28
Wildcard:  0.0.0.15       
Network:   78.33.192.48/28
HostMin:   78.33.192.49  
HostMax:   78.33.192.62 
Broadcast: 78.33.192.63
Expected outcome:
* Internet access

Actual outcome:
* I could not access anything externally from my laptop.
* I could connect to the default RFC1918 address on the router - 192.168.1.254. I did not expect that.

Where am I going wrong?

Cheers
Jon
billion_fan
Posts: 5374
Joined: Tue Jul 19, 2011 4:30 pm

Re: No NAT

Post by billion_fan »

gerdesj wrote:I bought a Billion 8800NL R2 to a few days ago via Amazon to simply connect via PPPoE over FTTC and pass through external IP addresses to the "real" router. I get a block of 16 from my ISP. I followed this: http://www.billion.uk.com/edu/VDSL2/index.html - "If you have multiple WAN IPs / block of public IPs".

My allocation is 78.33.192.48/28 from my ISP and 78.33.192.49 is given out via DHCP when requested.

Steps to reproduce:
* Factory rest Billion router
* I gave the Billion my ISP user/pass and it got 78.33.192.49 on WAN. I was able to browse the internet
* I then unchecked the NAT box on WAN and restarted it.
* My laptop is plugged into a LAN port on the Billion and I gave it an IP address of 78.33.192.60/29 with a default gateway of 78.33.192.49

Code: Select all

gerdesj@jglaptop ~ $ ipcalc 78.33.192.49/28
Address:   78.33.192.49
Netmask:   255.255.255.240 = 28
Wildcard:  0.0.0.15       
Network:   78.33.192.48/28
HostMin:   78.33.192.49  
HostMax:   78.33.192.62 
Broadcast: 78.33.192.63
Expected outcome:
* Internet access

Actual outcome:
* I could not access anything externally from my laptop.
* I could connect to the default RFC1918 address on the router - 192.168.1.254. I did not expect that.

Where am I going wrong?

Cheers
Jon
Our example from Zen

Number of IP addresses: 8 IP addresses: 82.7.249.0 - 82.7.249.7
Subnet mask: 255.255.255.248
Subnet in slash notation: 82.7.249.0 /29
Network address: 82.7.249.0
Broadcast address: 82.7.249.7
Router address: 82.7.249.6
Number of IP addresses usable by your hosts: 5

So when we setup the router, we get assigned 82.7.249.6 to the WAN we leave the firewall enabled for the WAN interface, we then set this IP (82.7.249.6) address to the routers LAN (also adjust the DHCP range to 82.7.249.1 ~ 82.7.249.5) , as stated by the ISP this should be the routers IP address/remaining useable IP's

We then disabled NAT on the WAN interface

We then add a firewall rule to open up the firewall (see attached screen shot, with this rule you should not add the routers new LAN IP this needs the firewall enabled)

We then check our WAN IP address to see if everything is working correctly. (eg your PC/device will be assigned 82.7.249.1, when you check http://www.whatsmyip.org it should show as 82.7.249.1)
You do not have the required permissions to view the files attached to this post.
gerdesj
Posts: 10
Joined: Wed Oct 19, 2016 9:47 pm

Re: No NAT

Post by gerdesj »

@billion_fan: Thank you for the very detailed response. You have saved me a lot of time experimenting.

I had a feeling that the official docs were a little thin. I can only think that they were written from the perspective of a routed subnet, eg where you get a separate single IP for WAN and a subnet for LAN. AAISP for example do that.

Time to play.

Thanks
Jon
Post Reply