Hey Guys,
We are getting a new fibre connection installed and it comes with a whole loads of headache of the ISP not listening to our requirements. we are a NGO and have very basic requirements and budget. we have 4 firewall that need to be configured to the internet with a static IP.
Our old ISP provided us with a copper handover that goes into a layer 2 switch and a /29 segment. We would connect our 4 firewalls (wan interface) to the layer 2 switch and configure a static ip from the /29 segment onto the interface and everything would work fine on the lan side.
Now with the new ISP we are provided internet via fibre and they have provided us with 2 segments. 1 is /31 and the other 2 are /30. I am trying to figure my head around how to go about configuring this. I will appreciate your help in this matter. I will be picking up edge router X for this task. Our requirement are 4 firewall to be on public static IP.
/31 segment - Link IP : 94.97.xx0.xx3/31
Extra IP : 84.235.xx9.x4/30 - Usable in this are 84.235.xx9.5/30 and 84.235.249.x6/30
Extra IP : 94.97.xx1.8/30 - usable in this are 94.97.xx1.9/30 and 94.97.xx1.10/30
Gateway for extra IP range /30 is the LINK IP i.e. /31
Now how I understand it I will take the cable from the ISP router and connect it to the eth0 port on my edgerouter and call it wan and configure the /31 segment there. If I configure a second interface with 192.168.0.1 and a dhcp range any device I plug into the 2nd port will take a dhcp and connect to the internet via edge router.
but my question regarding the setup setup is for the firewall that I need to configure the extra IP from the /30 segment to have it publicly available. How do i go about doing it from the edgerouter. From my understanding I will need to configure additional interfaces on the edgerouter with the extra IP but then my firewall will not have any IP left to use. Can anyone explain this scenario to me.