ER-3 -Comcast Fiber
-
@mroth911 said in ER-3 -Comcast Fiber:
so if i configure any ethernet port on a computer connected to the network i will be about to use the public ip ?
No, that is not how that works and is not something I care to try and explain.
-
@mroth911 said in ER-3 -Comcast Fiber:
so if i configure any ethernet port on a computer connected to the network i will be about to use the public ip ?
You can do that, but you probably don't want that. That's going to be really limiting and really not add any benefit if those machines are not servers. If this was for a DMZ, it would be different.
-
I have 29 static ip address. that i have public facing servers.
-
@mroth911 said in ER-3 -Comcast Fiber:
I have 29 static ip address. that i have public facing servers.
You are trying to use Comcast to host publicly facing servers?
-
yes
-
-
Okay, so is this ALSO your office, or is this ONLY hosting servers?
-
Both....
-
@scottalanmiller said in ER-3 -Comcast Fiber:
Okay, so is this ALSO your office, or is this ONLY hosting servers?
he said he wants 10.0.0.1 on eth1. SO I assume Office.
-
If this is both, I'll just assume it is, then you want to make another network for the servers that is a DMZ. Your non-servers (office) will be in a LAN. The public IP block you got will be your DMZ.
-
-
OK with the configre of Jared i got it working.where do i put the dmz..?
-
@mroth911 said in ER-3 -Comcast Fiber:
OK with the configre of Jared i got it working.where do i put the dmz..?
DMZ would be another port entirely. This complicates the setup a bit, but isn't horrible. If you have ETH0 set for your WAN, and ETH1 for your LAN (e.g. 10.x.x.x) then ETH2 will be your DMZ.
-
so .. on eth2. would i add my first public facing ip address.?
-
@mroth911 said in ER-3 -Comcast Fiber:
so .. on eth2. would i add my first public facing ip address.?
That would be a common choice, and a good one. So yes. Not a strict requirement, but an easy way to go.
-
what would be my gateway then for the /27..
-
eth2 would have an address of X.X.X.65/27
then in your public faicng devices, they would have X.X.X.65/27 through X.X.X.94/27 and use a gateway of X.X.X.65/27 -
That does not make it a DMZ< but jsut another network and everything will route back and forth.. You need to add firewall rules to restrict and such to make it a true DMZ.
-
Ok so i should remove the 10.254.254.1 off of eth2
and config the ip to 64/27
-
@mroth911 said in ER-3 -Comcast Fiber:
Ok so i should remove the 10.254.254.1 off of eth2
and config the ip to 64/27
- I updated my post.
