HPE Community
WAN Routing
1753939 Members
9597 Online
108811 Solutions
New Discussion

Re: Secure Router 7102dl. How to use two IPs on the same Ethernet interface

 
wergun
Frequent Visitor

‎11-22-2011 08:38 PM

‎11-22-2011 08:38 PM

Secure Router 7102dl. How to use two IPs on the same Ethernet interface

Hello,

 

Secure Router 7102dl (SR) has two public IP addresses from two different IS Providers

 

From ISP 1  -  IP 173.x.x.2  /30   

From ISP 2  -  IP 69.x.x.2  /30   

 

Link to figure:

https://picasaweb.google.com/104921887933142408911/WANLAN#5678036812202927106

 

 Default gateway is IP 69.x.x.1

 

Problem: I can not access from public internet to PC over IP 173.x.x.2, just

over IP 69.x.x.2  only.

 

Configuration:

 

interface eth 0/1

  ip address  192.168.1.2  255.255.255.0  /*assign an IP 192.168.1.2 to an Ethernet interface

  access-policy Private

  no shutdown

 

interface eth 0/2

  ip address  69.x.x.2  255.255.255.252   /*assign an IP 69.x.x.2 to an Ethernet interface              

  ip address  173.x.x.2  255.255.255.252 secondary  /*assign an IP 173.x.x.2 to an Ethernet interface

  access-policy Public

  no shutdown

 

ip route 0.0.0.0 0.0.0.0 69.x.x.1     /*Default gateway

 

ip access-list standard ANY                 /*Select all traffic

  permit any  

 

ip access-list extended WEB-Server                 /*Select only requests to WEB service

  permit tcp any  host 69.x.x.2 eq www 

  permit tcp any  host 173.x.x.2 eq www

 

ip policy-class Private                                                              

  allow list ANY     /* allow all traffic from PC to Internet                                                                                    

 

ip policy-class Public

  nat destination list WEB-Server address 192.168.1.1  /* HTTP requests from Internet are forwarded to PC

 

 

 

 

Thanks for help

Boris.

 

 

 

 

 

 

0 Kudos
1 REPLY 1
DaveAnderson
Occasional Advisor

‎02-03-2012 09:52 AM

‎02-03-2012 09:52 AM

Re: Secure Router 7102dl. How to use two IPs on the same Ethernet interface

You have to use VLANs on the external interface to make your configuration work.  The 7102 would uplink to a switch.  The switch has to be setup to support 802.1q vlan trunking or VLAN Tagging.  

 

VLAN 10 = ISP #1 (left side)

VLAN 20 = ISP #2 (right side)

 

Your external interfaces would be eth0/2.10 and eth0/2.20.

 

The configuration would look something like this:

Config t

interface eth0/2.10

ip address 173.1.1.61 255.255.255.252

interface eth0/2.20

ip address 69.1.1.200 255.255.255.224

 

The switch will have to sit inbetween both ISP hand-offs.  Port #1 would uplink to ISP Router #1.  It has to be an access vlan or untagged vlan on VLAN #10.  Port #2 would uplink to ISP Router #2.  It has to be an access vlan or untagged vlan on VLAN #20.  Port 3 would uplink to your 7102dl router.  That interface is going to be tagged or VLAN Trunk for VLANS #10 & #20.

 

This allows you to control the traffic as if each VLAN were a separte interface.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.