I have a new installation of BT Infinity for Business with 5 static IP addresses. I have been unable to configure my DrayTek Vigor 2830 with the static IPs so I’m hoping that someone who has managed to get this setup to work could point me in the right direction.

BTW, IP addresses shown below are not real, but are they are consistent to explain what I’m trying to do.

Here’s what I’ve got:
BT Infinity for Business with a block of 8 static IPs, 5 of which I am free to use. The addresses are (not the real ones):

253.81.17.88 (network address)
253.81.17.89 to 253.81.17.93 (available IP addresses)
253.81.17.94 (router)
255.255.255.248 (subnet mask)

DrayTek Vigor 2830 router, with latest firmware 3.3.7.1 (14 May 2012).


I would prefer to use the router’s NAT feature rather than assigning public IPs to my devices outright, so I’ve tried the following which others apparently have managed to get to work. Before I started I reset the router to its default values.

WAN > General Setup
WAN2 is enabled with its default values (Ethernet / Auto negotiation), WAN 1 and WAN 3 are disabled.

WAN > Internet Access
Configured as PPPoE with username xxxx@hg70.btclick.com and password from the welcome letter.

Because BT assigns a dynamic peer address and does some internal DNS magic to link in the static IP block, in the IP Address Assignment Method section I’ve set Fixed IP to No (Dynamic IP).

In the WAN IP Alias screen I’ve then entered the 5 static IPs (see above) at indices 2 to 6 – all set to Enabled, but the “Join NAT IT Pool” box left unchecked. My dynamic IP is shown at index 1.

LAN > General Setup
LAN 1 is enabled, the rest are not. Onto the Details page. NAT IP Address (i.e. this Router) is 192.168.1.1, subnet mask 255.255.255.0. DHCP is enabled with Start IP Address as 192.168.1.21 and Gateway IP Address as 192.168.1.1. Relay Agent is left blank. I’ve also left the DNS Server addresses blank.

So far I’m able to connect to the internet, but I’m obviously only going out on the dynamic IP.

Because I want to run my SMTP server and secure website, I’ve then opened up some ports.

NAT > Open Ports
On index 1, enabled open ports on WAN2 for incoming IP 253.81.17.89 (this is my first static IP, I’d entered these as the WAN IP Aliases, see above), Local Computer 192.168.1.2, for TCP for start/end port 443 for HTTPS, and the same again for SMTP (port 25) on index 2.

This should allow me to access the Exchange Server at https://253.81.17.89:443, but it does not. No response when I check that port using e.g. the port scanner at http://www.t1shopper.com/tools/port-scan/. If I open up the ports on my dynamic IP address instead, then I do get the expected response on port 443 so at least the principle seems correct.

What am I doing wrong?

... continued from previous post ...

NAT > Address Mapping
I can’t get to my Exchange server from the outside. But at least I want to get to the outside from the server, and when I do that I want to use the static IP rather than the dynamic one. That’s what the address mapping should do.

At index one, I set Protocol to ALL, WAN Interface to WAN2, WAN IP to the static alias 253.81.17.89, Private IP is that of my server 192.168.1.2 and Subnet Mask is /32, i.e. a single address.

As soon as I enable this mapping, I can no longer get out onto the internet at all.

What am I doing wrong?


Conclusion
I’d be really grateful for any tips on how to get this to work. From reading other people’s posts I think it should be possible.

I am wondering whether there might be an issue with BTs configuration of my IP range? Perhaps I’m barking up the wrong tree and my router configuration is correct but the fault is elsewhere?


Note
I have tried also the “original” or “alternative” approach which is to ignore the DrayTek’s NAT function and instead tried to use the ”No NAT” approach and assign the public static IPs directly to my devices.

I assigned one of the static IPs to the WAN-facing network card of my server. On the router, starting again from the factory defaults I configured the WAN and then, in LAN > General Setup I enabled the IP Routed Subnet. The IP Address I set to 253.81.17.88 (the network address that BT assigned to me) and Subnet Mask to 255.255.255.248. The DHCP Server Configuration section I left empty as I manually set the fixed IP on my server.

But that didn’t work either. Any ideas?

SOLUTION

The configuration steps I posted in my original article are, in fact, absolutly correct. So if you've got a DrayTek Vigor 2830 or similar device, this is how you can configure it to make use of your multiple static IP addresses without losing your NAT function.

After much perseverance with BT's IT support - who to their credit were very helpful - it turned out that the issue was due to another user having mistyped their username and typed in mine instead, and that user was therefore camping out on my IP range.

Moral of the story: Change your default network password!

Just out of interest did you finish up with the no-nat setup or the Nat setup?
I've been struggling with the same setup and only seem to be able to use private addresses inside the draytek rather than routed public IPs on my devices....

ollietait wrote: Just out of interest did you finish up with the no-nat setup or the Nat setup?
I've been struggling with the same setup and only seem to be able to use private addresses inside the draytek rather than routed public IPs on my devices....

Have you tried Ip routed tick box on Lan and putting the first address you assigned to your WAN. Then add the rest of the addresses to the alias. You will need two network card in the internal device one with the external address and one for the Internal address. Should work?