Support
Community

Examine your Comcast cable modem. Some versions have a built-in switch and four Ethernet jacks that can be plugged directly into your devices.

Alternatively, you can use switch ports on the 3448 to connect the WAN side of your devices.

I'm assuming that the 3448 is going to be one of the routers, call it Router1. If the 3448 isn't going to be one of the routers, you can still use its switchports to carve out a small layer 2 switch, but the configuration will be slightly different. If all that the 3448 is doing is functioning as a layer 2 switch to interconnect the firewall and routers, the 3448 probably isn't the best product. Its switch ports are only 100 Mbit and its routing capability makes it overkill. Just use a "dumb" unmanaged gigabit switch. Basic configuration assuming that the 3448 is working as Router1:

!

vlan 100

  name "Comcast-WAN"

!

interface switchport 0/1

  description Comcast WAN feed

  switchport access vlan 100

  switchport mode access

  no shutdown

!

interface switchport 0/2

  description Router2 WAN

  switchport access vlan 100

  switchport mode access

  no shutdown

!

interface switchport 0/3

  description Firewall WAN

  switchport access vlan 100

  switchport mode access

  no shutdown

!

interface vlan 100

  ip address XXX.173.174.229 255.255.255.248

  no shutdown

!

ip route 0.0.0.0 0.0.0.0 XXX.173.174.225

!

You would connect the Comcast feed into switch port 0/1, Router2 into switch port 0/2, and the firewall into switch port 0/3.

As far as configuration, on the other routers and firewall you'll configure the interfaces with their respective IP addresses, all with a subnet mask of 255.255.255.248. 3448 syntax will be similar to:

(on  Router2)

interface gi 0/1

description Comcast WAN

ip address XXX.173.174.230 255.255.255.248

(on firewall)

interface gi 0/1

description Comcast WAN

ip address XXX.173.174.228 255.255.255.248

On each device you'll want a default route pointing to the Comcast next-hop. On the 3448 the syntax is:

ip route 0.0.0.0 0.0.0.0 XXX.173.174.225

Syntax on the other devices may be different.

OK, gotcha. If your ISP is directly giving you the addresses for router 2, router 3, and the firewall, then you don't really need or want the 3448. All you need is a four-port switch. Plug the Allstream connection into one port and the routers and firewall into three more.

There are some scenarios where an ISP will deliver a WAN link, typically with a 255.255.255.252 netmask, and then route the actual IPs for your use over that link. In this case your ISP would have given you two different subnets and you would need a front-end router for your other devices. This doesn't seem to be the case.

Are you using the 3448 for anything other than to connect your Internet connection to the other devices? If not, I would replace it with a basic four-port switch. You could use an Adtran 1531 for this. If so, what else are you using the 3448 for?

You can use the 3448 if the connections are 100 Mbps or less. It has a built-in 8-port switch with 100 Mbit interfaces. If your ISP handoff is gigabit ethernet and speeds over 100 Mbit you'll want to get a gigabit switch.

From factory default it will just work if you use four of the eight switchport interfaces to connect your two routers, firewall, and ISP connection. For best practice, log in to the 3448 and shut down the vlan1 interface just to be safe.