Multiple Static IP Addresses

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
dustywb
DD-WRT Novice


Joined: 11 May 2011
Posts: 5

PostPosted: Tue Jun 14, 2011 20:31    Post subject: Multiple Static IP Addresses Reply with quote
Ok so I have 5 static IP's and up till now have only used 1 of them, currently I would like to use one of the others for a server I am running. Anyways using this here http://www.dd-wrt.com/wiki/index.php/One-to-one_NAT I have managed to set this up:

The server has a static dhcp assignment through the router for it's IP, the internal IP is 10.100.2.12

Here's the scripts:

# Startup
WANIF=`get_wanface`
ifconfig $WANIF:1 xx.xx.xx.xx netmask 255.255.255.128 broadcast xx.xx.xx.127

# Firewall
iptables -t nat -I PREROUTING -d xx.xx.xx.xx -j DNAT --to 10.100.2.12
iptables -t nat -I POSTROUTING -s 10.100.2.12 -j SNAT --to xx.xx.xx.xx
iptables -I FORWARD -d 10.100.2.12 -p tcp --dport 21 -j ACCEPT
iptables -I FORWARD -d 10.100.2.12 -p tcp --dport 80 -j ACCEPT

I saved them to their respective places and then rebooted the router, the server is accessible from any machine on the network by typing its 10.100 address in or its public address, however from outside the network it doesn't work, also when this is there that machine itself won't access the internet now.

Anyways I don't know what to do and have been trying different things out all day and would really appreciate some help from someone a bit more seasoned with this stuff.

Thanks
Sponsor
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Wed Jun 15, 2011 7:47    Post subject: Re: Multiple Static IP Addresses Reply with quote
dustywb wrote:
the server is accessible from any machine on the network by typing its 10.100 address in or its public address, however from outside the network it doesn't work, also when this is there that machine itself won't access the internet now.

That's a pretty good sign you configured it correctly. There's a chance that your netmask or broadcast address is wrong. Your ISP could also be blocking it for some reason.

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
dustywb
DD-WRT Novice


Joined: 11 May 2011
Posts: 5

PostPosted: Wed Jun 15, 2011 14:06    Post subject: Re: Multiple Static IP Addresses Reply with quote
phuzi0n wrote:
That's a pretty good sign you configured it correctly. There's a chance that your netmask or broadcast address is wrong. Your ISP could also be blocking it for some reason.

I don't think my netmask is wrong if so I would think that I wouldn't have internet at all as that's what's set for the WAN connection subnet in the webgui, and if the subnet is 255.255.255.128 my IP range is xx.xx.xx.10-14 then my broadcast should be xx.xx.xx.127 right? I've verified this with 2 different subnet calculators. Also I've entered the .113 static in the webgui and the internet works fine when that's done. Does there need to be a gateway or dns configured in this script? That's the only difference between what is in the webgui and here as far as I can tell.
dustywb
DD-WRT Novice


Joined: 11 May 2011
Posts: 5

PostPosted: Wed Jun 15, 2011 20:29    Post subject: Reply with quote
Well I found out the problem, apparently the IP list that was given to me was incorrect so I was trying to use an IP that we did not own lol. So the script is good and it's currently fully functional. Very Happy
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Wed Jun 15, 2011 20:35    Post subject: Reply with quote
As long as the first 3 octets that you're hiding are correct then the broadcast address is correct.

No gateway or DNS has to be set, the router still uses the same gateway and DNS that was entered in the GUI.

What exact model and firmware are you using? Try hard resetting and reconfiguring from scratch. If that doesn't solve things then please telnet/ssh to the router, test the ports from inside and outside, and PM me the output from these commands:

iptables -vnL
iptables -t nat -vnL
ifconfig

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
dustywb
DD-WRT Novice


Joined: 11 May 2011
Posts: 5

PostPosted: Wed Jun 15, 2011 22:25    Post subject: Reply with quote
phuzi0n wrote:
As long as the first 3 octets that you're hiding are correct then the broadcast address is correct.

No gateway or DNS has to be set, the router still uses the same gateway and DNS that was entered in the GUI.

What exact model and firmware are you using? Try hard resetting and reconfiguring from scratch. If that doesn't solve things then please telnet/ssh to the router, test the ports from inside and outside, and PM me the output from these commands:

iptables -vnL
iptables -t nat -vnL
ifconfig


Thanks for the help it's up and running, the IP list I was given was incorrect and so the range of IP's I was told we have weren't right so I was using an IP that wasn't assigned to us.
iddybear
DD-WRT Novice


Joined: 11 Nov 2014
Posts: 1

PostPosted: Tue Nov 11, 2014 20:41    Post subject: Reply with quote
I've got a Asus RT-AC68U, 5 static ip's from comcast starting with 50.245.224.217 and the following script (part in startup, part in firewall).

The script appears not to be working. 50.245.224.217 works fine, 218 goes nowhere. I can change my router's wan ip to 218 and my internal server loads fine.
I don't have any settings set in the nat/Qos port forwarding range , triggering upnp or dmz. I'm on Firmware: DD-WRT v24-sp2 (04/22/14) std

Any suggestions?


#########################################
# STARTUP SCRIPT #
FIND BROADCAST: http://www.petenetlive.com/KB/Article/0000215.htm
#########################################

### Adding IP addresses from Comcast ###
$WANIF='get_wanface'
ifconfig $WANIF:1 50.245.224.217 netmask 255.255.255.248 broadcast 50.245.224.223
ifconfig $WANIF:2 50.245.224.218 netmask 255.255.255.248 broadcast 50.245.224.223

#########################################
# FIREWALL SCRIPT #
#########################################

### 50.245.224.217 -> 192.168.16.8 (graceamazing) ###
iptables -t nat -I PREROUTING -d 50.245.224.217 -p tcp –dport 80 -j DNAT –to-destination 192.168.137.137
iptables -t nat -I PREROUTING -d 50.245.224.217 -p tcp –dport 443 -j DNAT –to-destination 192.168.137.137
iptables -t nat -I POSTROUTING -s 192.168.137.137 -j SNAT –to 50.245.224.217
iptables -I FORWARD -d 192.168.137.137 -p tcp –dport 80 -j ACCEPT
iptables -I FORWARD -d 192.168.137.137 -p tcp –dport 443 -j ACCEPT

### 50.245.224.218 -> 192.168.16.9 (thehedge) ###
iptables -t nat -I PREROUTING -d 50.245.224.218 -p tcp –dport 80 -j DNAT –to-destination 192.168.137.138
iptables -t nat -I PREROUTING -d 50.245.224.218 -p tcp –dport 443 -j DNAT –to-destination 192.168.137.138
iptables -t nat -I PREROUTING -d 50.245.224.218 -p tcp –dport 3389 -j DNAT –to-destination 192.168.137.138
iptables -t nat -I POSTROUTING -s 192.168.137.138 -j SNAT –to 50.245.224.218
iptables -I FORWARD -d 192.168.137.138 -p tcp –dport 80 -j ACCEPT
iptables -I FORWARD -d 192.168.137.138 -p tcp –dport 443 -j ACCEPT
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum