Sunteți pe pagina 1din 6

HomePortal or OfficePortal and Multiple IP Addresses

In cases where the 2Wire HomePortal or OfficePortal is used with multiple broadband IP addresses, it is required that the HomePortal be properly configured to utilize these IP addresses with local network devices. This document describes the setup step to configure a 2Wire HomePortal for use with multiple broadband static IP address on the SBC ADSL network. Although the term "HomePortal" is used in this document, these instructions can also be used for setting up the 2Wire OfficePortal as well. There are some pre-requisites to using Multiple Broadband Addresses: The associated service providing the multiple IP addresses has been ordered and installed. The IP address and networking information has been identified for the subscribed service. The HomePortal is running version 3.5.5 or later of the 2Wire HomePortal system. The network devices are already configured for TCP/IP networking and are connected to the HomePortal LAN via one of the available interfaces (Ethernet, USB, HPNA or 802.11b Wireless.)

The configuration process can be divided into four logical steps. 1. Setup and configure the HomePortal for broadband access using the first IP address 2. Enable the Bridge Network function of the HomePortal and configure it with the appropriate subnet mask 3. Assign the broadband IP address(es) to the desired network devices 4. (Optional) Configure firewall rules to direct unsolicited traffic to the associated network devices

Step 1: Configuring the HomePortal with the First IP Address


This steps requires that at least one computer be connected to the HomePortal, and is able to access the main GUI (http://homeportal). This can be accomplished by either running the include HomePortal Setup Wizard software and following the onscreen instructions, or manually configuring the network adapter for DHCP, and obtaining an IP address from the HomePortal. Determine the type of ISP network access assigned by the ISP. Your choices are PPPoE or RFC 2684 (Direct IP). If the HomePortal has already been configured with this information, proceed to Step 2. PPPoE Users Only If running the Setup Wizard software, proceed to Step 2.

PPPoE Users
Go to http://homeportal/setup and use the PPPoE keycode (522P-22P4-6262-22AT-F2NV) to establish broadband connectivity with one IP address. Verify Internet connectivity by accessing public websites.

RFC 2684 Users


Go to http://homeportal/setup and use the static IP keycode (522P-22P4-2E62-22AT-F27W) to establish broadband connectivity. Use the IP address and subnet mask as provided by your ISP. Verify Internet connectivity by accessing public websites.

2Wire and Multiple Addresses

Page 1 of 6

Step 2: Enabling Bridge Network Mode


Go to the Management and Diagnostic Console (MDC) (http://homeportal/management). Under the Local Network Configure link, find the Bridge Network option (see Figure 1). Enable the option and enter the subnet mask provided to you by your ISP. Click on the Submit button to save your results. Note: If you are a customer who was previously provided with two sets of IP address, one for use between the router and the network (usually just 2 addresses) and a second set solely for use with end devices, then you need to configure your HomePortal using the first set and use the Public Network option instead of the Bridge Network option using the second set. For example, in this case you might have been provided with a WAN gateway address of 66.124.231.65, a WAN IP address for your router of 66.124.231.66 and told that your LAN devices were to use addresses in the range 207.214.87.137 through 207.214.87.141. If a subnet mask has not been provided by your ISP, but a number of addresses have been, you can look up the associated subnet mask in the table below. This information may have been identified in a number of different ways and therefore it has been presented here in a number of different ways. Total Address Used by the Subnet 8 16 32 64 128 256 Number of Useable Addresses 6 14 30 62 126 254 Address Required for DSL Router 1 1 1 1 1 1 Addresses Available for LAN Devices 5 13 29 61 125 253 Subnet Mask to Use 255.255.255.248 255.255.255.240 255.255.255.224 255.255.255.192 255.255.255.128 255.255.255.0

CIDR /29 /28 /27 /26 /25 /24

2Wire and Multiple Addresses

Page 2 of 6

Note: On the OfficePortal, this information can also be set using the standard web pages in addition to those under the MDC.

Figure 1

Step 3: Allocating Public IP Addresses to the LAN Clients


This step requires that all network devices that you wish to configure with a broadband IP address be turned on and connected to the HomePortal Once the HomePortal is configured to use multiple broadband IP addresses, network devices can be configured for one of three modes. Access the Address Allocation page of the MDC to select the desired option (Figure 2) for each LAN device. Note: On the OfficePortal, this information can also be set using the standard web pages in addition to those under the MDC. 1. DHCP Private Network The network client is given a private IP address on the private network (Default is the 172.16.0.0 network). This is the normal mode of operation for all LAN devices by default (with or without the use of multiple broadband addresses.) 2. DHCP Public Network The network client is given one of the currently available broadband IP address. The address may change as the IP address lease is renewed, but will always come from the pool of available Broadband IP addresses.

2Wire and Multiple Addresses

Page 3 of 6

3. DHCP Fixed Public Network The network client is permanently assigned one of the broadband IP address. The address will not change until the HomePortal is reconfigured via the Address Allocation page. This will be the most common configuration for publicly accessible network devices. In all the above cases, the network device should be configured to enable their DHCP client. From this point on, the IP addresses for these LAN devices are managed by the HomePortal. In addition, a LAN device can be configured with a static IP address hard coded in the TCP/IP settings for that device. The IP address can be from either the DHCP Private Network addresses or from the DHCP Bridged Network addresses. When a DHCP Private Network address is statically assigned to a LAN device, the proper range must be used. The default range is 172.16.0.0, so the network device may statically use 172.16.1.1 through 172.16.1.32, inclusive. Devices assigned with these addresses act as if they were assigned an IP address in mode 1 above. When a DHCP Bridged Network address is statically assigned to a LAN device, the device assigned with this address acts as if they were assigned an IP address in mode 3 above. Use the IP address information as provided by the ISP. The HomePortal will automatically detect the usage of a broadband IP address on the LAN network and correctly route the return traffic to the appropriate LAN device. Once a broadband IP address has been detected by the HomePortal as being statically coded on the PC, its entry in the Address Allocation page will no longer be displayed. Note: The ability to use DHCP in assign WAN addresses to LAN devices is different from how some other routers operate. These other routers usually require that the address be hard coded on the LAN device.

2Wire and Multiple Addresses

Page 4 of 6

Figure 2

Step 4: Configure Firewall Rules


LAN devices using addresses from the Bridge Network are still protected by the HomePortal firewall. To allow unsolicited inbound traffic to any of these LAN devices, you must modify the firewall settings specified for that device. That is, a LAN device can receive inbound traffic associated with outbound traffic (e.g., web browsing) but needs to have a firewall rule established to function as a server. To change the firewall settings, access the Firewall - Settings page of the MDC or the Firewall Settings page of the standard web pages to configure the Hosted applications allowed for each device to be used with unsolicited traffic. Note: This is different from how some other routers operate. These other routers automatically allow all traffic to pass through from the WAN to the LAN devices configured with WAN IP addresses. If the device only requires the public IP address then no rules need to be established. In most cases a firewall rule will be required if you wish to host an application or access a server from the public Internet. This is also known as creating a pinhole in the firewall. Note: The 2Wire firewall only allows traffic for a bridged IP address to be directed to a local LAN device with the same bridged IP address. That is, except for traffic sent to the single broadband IP address assigned to the router and shared through NAPT, traffic send to other specific broadband IP addresses associated with the connection can not be directed to local LAN devices which may be using private IP addresses.

2Wire and Multiple Addresses

Page 5 of 6

Sample Configuration
In this sample configuration, the network consists of a public web server, a private web server, a public FTP server and a number of desktop devices. Only the public servers need be accessed from outside the network. The FTP server needs to be accessed from inside 1. Configure the HomePortal for Internet access. Enable the Bridge Network features with the proper subnet mask. 2. Use DHCP Private Network for all the desktop devices by default. These devices will use NAPT and share one of the broadband IP addresses. Addresses given out by the DHCP server in the HomePortal will range from 172.16.1.33 to 172.16.1.250. 3. Set the FTP server to one of the Fixed Bridged Network IP addresses. This will route all incoming traffic for the specific public IP address to the designated network device. In this case, the FTP server. Optionally if the FTP server machine does not have a DHCP client, the server could be configured with a public static IP address and the HomePortal will correctly route the traffic. If unsolicited inbound traffic is expected, the firewall must be configured to allow FTP traffic to pass. This is done from the Firewall Settings link of the MDC (http://homeportal/management).This can also be accomplished using the Firewall tab of the main GUI (http://homeportal). 4. Similar to the FTP example, set the public Web server to one of the Fixed Bridged Network IP addresses. This will route all traffic to the specific pubic IP address to the designated network client. The firewall must be configured (as described in step three above) to route inbound port 80 traffic to the server. 5. The private Web server should be set to a static private IP address, so that it is always accessible at the same address to the local desktop clients. For example, use 172.16.1.5 as the servers IP address.

2Wire and Multiple Addresses

Page 6 of 6

S-ar putea să vă placă și