DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

static IPs on 2820vn

  • stanbyk
  • Topic Author
  • Offline
  • New Member
  • New Member
More
05 Oct 2009 18:49 #58120 by stanbyk
static IPs on 2820vn was created by stanbyk
Hi,
I need some help with setting up a Draytek 2820Vn properly with static IP addresses on zen.
I have a pool of 16 addresses: x.y.z.80 to x.y.z.95
Usable ip addresses are from x.y.z.81 to x.y.z.93
x.y.z.94 is the router's IP address.
Netmask 255.255.255.240

On the Lan setup screen I have selected IP routing to be enabled and have typed in my "2nd subnet mask". I unsure of which IP address I should type into the field for "2nd IP address". Should this be the first usable address in my pool? E.g. x.y.z.81 or can I use my routers address, e.g. x.y.z.94. Thats what I have done now and it seem to work, but it also means the router has the same IP address on the wan and lan interface. Not sure if this is a problem. In addition to that do I need to set up the RIP protocol control (e.g. to 2nd subnet)? Can anybody please advise me on how I need to set this up.

Also, with using static IP-addresses on this router, will I need to tweak the firewall? E.g. put in a deny everything rule first, followed by other rules in which I allow certain ports?

Hope these questions are not too basic or stupid...
Thank you
Robert

Please Log in or Create an account to join the conversation.

More
06 Oct 2009 10:01 #58122 by blowdart
Replied by blowdart on topic Re: static IPs on 2820vn

StanByk wrote: Hi,
I need some help with setting up a Draytek 2820Vn properly with static IP addresses on zen.
I have a pool of 16 addresses: x.y.z.80 to x.y.z.95
Usable ip addresses are from x.y.z.81 to x.y.z.93
x.y.z.94 is the router's IP address.
Netmask 255.255.255.240

On the Lan setup screen I have selected IP routing to be enabled and have typed in my "2nd subnet mask". I unsure of which IP address I should type into the field for "2nd IP address". Should this be the first usable address in my pool? E.g. x.y.z.81 or can I use my routers address, e.g. x.y.z.94. Thats what I have done now and it seem to work, but it also means the router has the same IP address on the wan and lan interface. Not sure if this is a problem. In addition to that do I need to set up the RIP protocol control (e.g. to 2nd subnet)? Can anybody please advise me on how I need to set this up.

Also, with using static IP-addresses on this router, will I need to tweak the firewall? E.g. put in a deny everything rule first, followed by other rules in which I allow certain ports?

Hope these questions are not too basic or stupid...
Thank you
Robert



OK you're in the wrong place :)

So click the WAN link on the menu and then choose Internet Access. You'll see WAN1 and WAN2 on the right hand side, WAN1 is your current connection, so click it.

Now you'll see a table for your connection details. In the right hand side you'll see the option for DHCP/Fixed. Switch it to fixed and enter x.y.z.94 as the fixed address. Click OK, then go to Online status and drop and reconnect - now make sure your internet access works.

If all is good, then return to the WAN1 screen and this time click the WAN IP Alias button. In the popup screen you can now add the rest of your IP addresses, from .81 to .93.

Now your router will accept connections for all these IPs.

You don't need to do anything on the LAN screen at all.

For firewall rules there's a bit of a bug right now in setting up DMZ hosts, which has been fixed in 3.3.3_RC4a.

Basically what you do is you setup DMZ hosts for each of the external addresses mapped to an internal address. Then you configure the rules you want in the firewall setup, starting in SET#2. Yes starting with a block all inbound is a good idea - but make sure you block only if no further matches are found. Then configure the firewall to allow the ports you want on each of your internal hosts.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami