Static IPs for wired and DHCP for wireless - how?

FlakMagnet

FlakMagnet

FlakMagnet

Associate
Joined
11 Dec 2006
Posts
179
Hi All,

My broadband comes with 5 static IP addresses which is great. The problem I have is that they are all used up now and I want to connect more wireless devices.

Could anyone tell me what piece of kit I need to buy that will do the following:

o Plug into my existing Router using one of the fixed IP addresses.
o Act as a DHCP server for any wireless devices I have in the house.
o Not need to be connected to my ISP - only my existing router.

I have had to set up my existing router to work with the static IPs that I have because my wife plugs a VPN router into it, and that MUST have a fixed IP for it to work. So I am forced to disable DHCP on my current router (that's the only way I can use the static IP that the VPN router requires).

If I set my router up to be a DHCP server, every bit of my equipment works fine! Just that the VPN router stops working.

So I'd like a piece of kit that would allow me to have DHCP for all my wireless devices, and static IPs for all the wired devices. I guess I can keep my existing router to provide the static IPs and interface to the ISP, but what do I need to connect to it to give me DHCP for my wireless devices?

Really sorry if that is difficult to understand, but I probably don't know the right words to use :)

Many thanks for any help!
 
Hmm sounds like you have pc's with routable ip's, not ideal really. I would be looking at getting a router that has 2 ethernet ports (a cisco 8xx series, but perhaps a cable router would do the same thing) and have everything plugged into this so all your pc's & laptops are natted.
So using these addresses as an example (my old zen /29 range)
82.69.154.48 - network
82.69.154.49 - lan router (new) - with all pc's behind it on a 192.168.0.0/24 for example
82.69.154.50 - existing vpn router
82.69.154.54 - existing internet router
82.69.154.55 - broadcast
This would leave 3 spare public ip's should you ever need them & as many ip's as you would ever require on the lan.
The vpn router would be plugged into the public side as it is now & the work laptop would be connected to that.
 
Last edited:
If you want a mix of devices, some with a public IP and some not, you're going to need more than just DHCP - you're going to need to perform NAT, translating one of the public IPs to the internal IP you give the VPN router, and translating many of the internal IPs to a single public IP.
 
Thanks for the info guys.

So if I understand correctly, I need an additional NAT router that can serve my wireless devices while taking one of the public IPs I have.

I think I understand how that would work - one static IP taken by the NAT router which dynamically assigns IPs to my wireless devices.

If this is correct, can anyone recommend one? I not sure that the cisco 8xx series is what I need is it?
 
An 800 series would do all that in one box.

Any router that doesn't have a modem would do - something like the WRT54GL.
 
One caveat is that machines connected directly to the router, machines on the LAN side of the router running NAT, and machines on the other side of the VPN router won't see each other (other than how they see any machine on the internet) without some jiggerypokery.
 
I think that's ok. At the moment I have the following :

o ADSL Modem Router connected to BP with 5 static IP addresses.
o VPN Router plugged into ADSL Router taking up 1 IP address.
o Wifes' PC connected to VPN Router. Does not need to access any other machines on netwotk.
o 2 PCs connected directly to ADSL router taking up 1 static IP each.
o A bunch of wireless devices sharing the remaining 2 statis IP addresses.

I can only have 2 wireless devices switched on at the moment because I can't have their IPs assigned dynamically by the router.

So my plan now is to buy a WRT54GL or equivalent and assign another of the static IP addresses to it, plug it into the existing ADSL Router and let it service the wireless devices - assigning IPs dynamically to them.

As I understand it, the WRT54GL will act as a NAT router, translating the dynamic IP addresses of my wireless devices to and from the static IP address of the WRT54GL.

If that is correct, will I still be able to directly access my 2 wired PCs (with static IP addresses) from my wireless devices? Because of NAT, won't it look as if the wireless devices are on the same network as the PCs?

I guess I won't be able to connect from one of the wired PCs to a wireless device though as they will appear to all have the same IP address (the address of the WRT54GL).

Am I understanding this all correctly? It is a very confusing subject :P
 
In my current setup - using ADSL24 as my ISP - I get 8 free static IPS.

One goes to the network address, one to the broadcast - leaving six free.

First one goes to the INTERNAL ETHERNET interface on my Cisco Router - the external ATM (ADSL) interface is autonegotiated from the ISP.

Second one goes to the EXTERNAL ETHERNET interface on my Cisco Pix.

The remaining four addresses are configured on my Pix as NAT addresses for my pc's which sit on the INTERNAL ETHERNET port of the pix - 192.168.1.1 - 192.168.1.4 for example.

So I have:

ISP|------|[Outside] Router [Inside]|-----|[Outside] Pix [Inside]|-----[Workstations]

Outside Router is autonegotiated with ISP.
Inside Router is for example 78.32.5.34 (not my actual address)
Outside Pix is 78.32.5.35
Inside Pix is 192.168.1.1
Workstations are 192.168.1.2-192.168.1.5

The pix is configured to NAT like this:

192.168.1.2 - 78.32.5.36
192.168.1.3 - 78.32.5.37
192.168.1.4 - 78.32.5.38
192.168.1.5 - 78.32.5.39

Now the wireless switch I have plugged into the pix issues DHCP addresses from 192.168.1.2 - 192.168.1.5 for the workstations which the Pix translates as necessary.

Hope this isn't too confuzzling.

Moley.
 
Cheers, Moley. I actually think I understood all that :D

But am I correct in saying that you are limited to 4 wireless devices by NATing the dynamic addresses to your 4 remaining fixed? What happens if you add a 5th wireless device?

The reason I ask is because I'm only left with 2 static IPs on my Pix if I duplicate what you have done... but I have about 5 wireless devices!

I am thinking I can setup like below, giving me as many wireless devices as I like:

Code: 
                 <10.10.10.1>                    <10.10.10.2>              <192.168.0.x>
ISP|-----|[Outside]Router#1[Inside]|--+--|[Outside]Router#2[Inside]|-----[WirelessDevices]
                     and              |
                   Gateway            |   
                                      +--|PC#1 <10.10.10.3>
                                      |
                                      |   
                                      +--|PC#2 10.10.10.4
                                      |
                                      |            <10.10.10.5>
                                      +--|[Outside] VPN Router [Inside]|-----|[Wifes' PC]
Is that going to work?
 
I would still recommend you move all pc's behind the new nat router rather than them having public routable ip addresses but you have the right idea with your diagram above.
This saves having to mess around with incoming nat & firewall rules. Basically nothing is allowed to come from the internet to the lan unless its return traffic that was initiated from the lan.
All internal computers would be natted to the external interface of your new router, 10.10.10.2 in your example.
Unless you have a special reason for having pc's with routable public addresses?
 
Thanks m_cozzy. I think you are right about putting the PCs behind the NAT router too... should cause far fewer problems when getting the wireless devices to talk to the wired ones.

The only reason I wanted the PCs the other side of the NAT router was because I play games online, and I'm worried I'll have issues that I don't currently have to worry about. The second reason is that sometimes I connect to my PC remotely from work using Remote Desktop. If the PC is on the NATted side of the router, I won't be able to do this any more. But that is a feature I only use rarely, so might not miss it.
 
Have just ordered a WRT54GL (from OcUK) and should be here on Monday :)

Do people recommend changing to the Tomato firmware? or is the LinkSys firmware OK?
 
To RDP into a machine behind your router that is getting an IP form the DHCP server in the router you could simply just set up a NAT redirect rule that would send the traffic to a set private IP address and then just fix your PC on a static internal IP.

Sorry that's not a good explanation but it's pretty straightforward to set up in most routers.

Give Tomato a go, adds a bunch of features you may find handy, DDWrt is also good for 3rd party firmware.
 
wij said:
To RDP into a machine behind your router that is getting an IP form the DHCP server in the router you could simply just set up a NAT redirect rule that would send the traffic to a set private IP address and then just fix your PC on a static internal IP.

Sorry that's not a good explanation but it's pretty straightforward to set up in most routers.

Give Tomato a go, adds a bunch of features you may find handy, DDWrt is also good for 3rd party firmware.
Click to expand...

Hey! Why didn't I think of that? Great idea wij (and I actually understood what you said - I must be learning stuff :))
I think that's what Moley was trying to suggest in post #9 above, but I didn't understand it then :P

OK, will give Tomato a go as have heard others giving it rave reviews.

Thanks again all!
 
You must log in or register to reply here.
Back
Top Bottom