Hello Everyone,
First Post! I have a question about the ability to create a transparent range of WAN IP addresses on a Netvanta 3120. I am looking for the exact same functionality as described in this post on the Netvanta 2000 UTM: https://supportforums.adtran.com/docs/DOC-2407
I would like to use the 3120 to enforce QoS on a 10m Ethernet circuit, I have a /29 block of addresses and I need to assign one to the 3120 and I would like to be able to allow a Cisco 5505 to connect to another public IP through a port on the Adtran. The Cisco is managed by the IT company and I work for the company installing the VOIP system. I figured this is the best way to give them control of their own equipment while I can still have the Adtran prioritize voice traffic. Can this be done or is there a better (or simpler ) way to configure this?
Thank you!!
Please let me know if I misunderstood any part of your question. It seems like you have two public IP address ranges available. One will be used on the Cisco to Adtran connection, while the other range is available to use how you wish. There are a couple of ways I would consider setting this up:
Option 1:
This option would have eth 0/1 as your WAN port. You would then create a VLAN interface for the second public IP range. One of the IP addresses would be assigned to the VLAN interface, while the remaining would be used on any equipment that requires it. This equipment would need to plug into the switchport(s) you assigned to the VLAN. Generally, this setup is used for DMZs or if there is another firewall sitting behind the NetVanta.
Option 2:
This option would also have eth 0/1 as your WAN port. However, you would assign the second public IP range as secondary IP addresses on eth 0/1. This is generally used when a port forward is required using external IP addresses.
In both of these options, WAN eth 0/1 would be where you would configure the QoS map.
I hope this answers your question, but please do not hesitate to let us know if it does not or if you think of anything further.
Thanks,
Noor
Thank you for your request.
We will respond as soon as possible.
Thanks noor!
I don't have a separate range of public IP's in this case. What I want to do is to allow a device behind the Adtran to use another public IP from the same range. I don't want to alter the traffic in any way, with the exception of QoS.
I have setup a 1335 to pass through a single public IP address in my lab, All I did was assign two ports to VLAN 2 and turned on IP proxy arp on the interface connected to the ISP. I then applied QOS to VLAN 2 out bound. Here is some of the config:
interface switchport 0/24
no shutdown
switchport access vlan 2
!
!
interface gigabit-switchport 0/1
no shutdown
switchport access vlan 3
!
interface gigabit-switchport 0/2
no shutdown
switchport access vlan 2
!
!
!
interface vlan 1
ip address 192.168.20.1 255.255.255.0
access-policy Private
ip route-cache express
no shutdown
!
interface vlan 2
ip address x.x.x.x 255.255.255.248
ip proxy-arp
access-policy DMZ
qos-policy out VOIP
ip route-cache express
no shutdown
Gig 0/2 is connected to the ISP and Swx0/24 is connected to another device using another public IP. Will this apply qos properly to all traffic going through the Adtran to the ISP?
- If you only have one public subnet to work with, you can set it up as you did on the 1335. The 3120 will allow you to create VLANs as the 1335 does using the 4 internal switchports on the 3120. It would mean that the eth 0/1 interface on the 3120 does not need to be used.
If you do set up the VLANs and QoS as you have mentioned above, then QoS will apply properly. The only change you need to make on the 3120 and the 1335 is to set the traffic-shape rate on the public VLAN to be the upload speed you are guaranteed by your ISP. Otherwise, with QoS enabled, the NetVanta will assume that whatever speed the switchport is coming up at is the bandwidth that is available (which is generally never the case)
Please do not hesitate to let us know if you have any questions.
Thanks,
Noor
Thank you for your request.
We will respond as soon as possible.
Thank you, Noor. I just finished installing the 3120 as described above and everything is working as planned.