Netgate SG-1000 microFirewall

Author Topic: One WAN Interface Two Different WAN Static IP Subnets  (Read 124 times)

0 Members and 1 Guest are viewing this topic.

Offline tim.mcmanus

  • Sr. Member
  • ****
  • Posts: 591
  • Karma: +25/-7
    • View Profile
One WAN Interface Two Different WAN Static IP Subnets
« on: January 26, 2018, 09:00:16 am »
I am going to assume this is not possible because I couldn't find the answer quickly.

I have one WAN interface and the ISP gave me two WAN static IP addresses to use, but they're on different /24 subnets.  74.214.34.xx/24 and 72.9.22.xx/24.  Both have different gateways.

Is there any way to put both of these onto the same WAN interface?

The cablemodem has one NIC, but the Netgate SG-3100 has two.  I have a call into the ISP to see if they need to send me another cablemodem.
Intel Core i3-2100 Sandy Bridge dual core - Intel BOXDQ77MK LGA 1155 Intel Q77 - 4GB RAM - 320 GB 7200RM HD - 2 x Intel EXPI9301CTBLK 10/ 100/ 1000Mbps PCI-Express Network Adapter

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15187
  • Karma: +1414/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: One WAN Interface Two Different WAN Static IP Subnets
« Reply #1 on: January 26, 2018, 09:35:13 am »
So your ISP thinks its ok to run multiple layer 3 networks on the same L2?  Wow... Why would they not just vlan tag the new segment they are going to give to you if they are out of IPs in the range when you want more IPs?

Or just give you a completely different range that has the number of IPs you want/need available in it..  Their solution is borked plain and simple..
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline tim.mcmanus

  • Sr. Member
  • ****
  • Posts: 591
  • Karma: +25/-7
    • View Profile
Re: One WAN Interface Two Different WAN Static IP Subnets
« Reply #2 on: January 26, 2018, 09:55:20 am »
So your ISP thinks its ok to run multiple layer 3 networks on the same L2?  Wow... Why would they not just vlan tag the new segment they are going to give to you if they are out of IPs in the range when you want more IPs?

Or just give you a completely different range that has the number of IPs you want/need available in it..  Their solution is borked plain and simple..

I figured as much.  I am still waiting for them to call me back.  Luckily, it's a client's ISP, mine is actually better than this.

Thanks for the quick validation of my assumption.
Intel Core i3-2100 Sandy Bridge dual core - Intel BOXDQ77MK LGA 1155 Intel Q77 - 4GB RAM - 320 GB 7200RM HD - 2 x Intel EXPI9301CTBLK 10/ 100/ 1000Mbps PCI-Express Network Adapter

Offline tim.mcmanus

  • Sr. Member
  • ****
  • Posts: 591
  • Karma: +25/-7
    • View Profile
Re: One WAN Interface Two Different WAN Static IP Subnets
« Reply #3 on: January 26, 2018, 11:29:10 am »
So after a wonderful (sarcasm) discussion with the client's ISP, it was off to Best Buy to get a cheap 5-port switch to put between the cablemodem and the Netgate.  I am glad we went with the SG-3100 because it has two NIC, and I can assign an IP address to each one.  I asked them why they didn't just give me a modem with more than one port so I could do this, but I guess all ISP are made differently.

Not an ideal solution, but it's solved for now.  God forbid we need a third IP address.  They just hand them out as /24 addresses and "none of our other customers have a problem like this".  Noted.
Intel Core i3-2100 Sandy Bridge dual core - Intel BOXDQ77MK LGA 1155 Intel Q77 - 4GB RAM - 320 GB 7200RM HD - 2 x Intel EXPI9301CTBLK 10/ 100/ 1000Mbps PCI-Express Network Adapter

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15187
  • Karma: +1414/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: One WAN Interface Two Different WAN Static IP Subnets
« Reply #4 on: January 26, 2018, 11:51:54 am »
So they can not just tag the other network range with a vlan ID?

Look for a better isp would be my suggestion..

Your switch solution works - but means your running those different layer 3 networks on the layer 2 connection from you to them.. How many other customers have different IPs on this layer 2?  Be interesting to sniff and see how any different IP address via broadcast/arp
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)