WAN Mapping - Multiple Static IPs
Introduction
This article describes the configuration, and mapping usage, when multiple Static IPs are added to the Primary or AUX WAN Ports.
WAN Static IP Capabilities:
Up to 4 Static IPs may be configured for each of the WAN Ports. Each Static IP can have a different Subnet Mask and Gateway address.
Note that first Static IP on the Primary and AUX WAN Ports work exactly the same as in all firmware before version 4.4.x
The first static IP is always the (main IP’) to which packets are sent/received by default. The second through fourth IPs (additional IPs) can be used for special purposes as follows:
- Port-forwarding - Packets from a specific WAN IP to LAN IP. (Ingress from Public Internet to LAN)
- WAN Mapping - SNATting packets from a LAN subnet (or single host) on to a specific WAN IP (WAN mapping). (Egress from LAN to Public Internet)
Configuration
Safety Mechanics
If the WAN IP(s) differ from the currently active IP(s) - i.e., the Gateway was not yet rebooted so the new settings are not in effect - this will be shown in the Portal. This allows the user a chance to make any necessary changes before committing to the running configuration (rebooting - power-cycling)
Changes in static IP settings will only take effect if the Gateway is rebooted, by either power-cycling or performing a soft-reboot from the Portal.
DNS
A common set of DNS servers (2) can also be configured for both interfaces (no change required from currently set DNS servers).
WAN Mapping
Use Cases (in production by our partners)
- A dedicated set of servers is kept on site by a third-party provider. All communications from those servers must originate from a certain permitted public IP address. For security reasons, the supplier only wants traffic from its own servers.
- An ISP that provides a mixed data/voice service wants all VoIP phones to use a different public IP address than the workstations.
Port Forwarding
Use Cases (in production by our partners)
- The client wants to run a video server on premises, but with a different public IP address than the one used by regular internet users. In that situation, they'd configure port forwarding to route any ports hitting that public IP to the video server, and then configure WAN mapping to route all outgoing traffic for that server and its associated video cameras (i.e., the LAN). This has the effect of a DMZ.
Reboot Gateway
Restarting a Gateway can be done either by pulling and replacing the power-cable, or in the Portal > Sites Settings section:
Related Articles
Setting Static IPs on the WAN Ports
From the Uplevel Portal (Firmware Version 4.4+) Login to your Portal and navigate to the Overview section for the Site you would like to configure Click Set WAN Static IP Select Static IP from the drop down menu Enter the IP Address, Gateway Address, ...LAN Subnet and DHCP Server Configuration
Manage the DHCP Sever on on the Uplevel Gateway Map Mac Addresses to IP Addresses in the DHCP PoolHostnames not showing in the Portal > Devices section
This pertains to using Static IPs. If you are using DHCP, please open a support ticket. The Static IP hostnames on the Portal > Devices page are a bit, for lack of a better word, dicey. We can retrieve and save hostnames to the hostname field if the ...Slow internet - Speed capped at 150Mbps - IPS/IDS
I see that Threat Analysis (Snort IPS/IDS) is enabled on this site. Threat Analysis in configured in the Firewall > Threat Analysis section of the Portal . This means to accurately run a speed test for the entire network you will need to run speed ...WAN Failover
By default, the Uplevel Gateway failover works by sending a health check probe to three separate health check servers in our cloud every second. If no answer from any server is received for three consecutive seconds, the WAN management determines ...