What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Assigning static WAN IP addresses on Asus RT-N66U

B

blizeH

New Around Here
Hi,

I've just purchased an Asus RT-N66U router and am trying to configure my multiple IP addresses (I have a block of 8, or rather 5 usable IPs)

On my previous router I ran the following:

:ip ipadd intf=LocalNetwork addr=IP4/29 addroute=enabled
:ip ipadd intf=LocalNetwork addr=IP3/29 addroute=enabled
:ip ipadd intf=LocalNetwork addr=IP2/29 addroute=enabled
:ip ipadd intf=LocalNetwork addr=IP1/29 addroute=enabled
:ip ipadd intf=LocalNetwork addr=IP0/29 addroute=enabled
:ip ipadd intf=LocalNetwork addr=IP9/29 addroute=enabled
:nat mapadd intf=Static outside_addr IP4 weight 1 index=0
:nat mapadd intf=Static outside_addr=IP9 inside_addr=192.168.1.50 weight=120 access_list IP9
:nat mapadd intf=Static outside_addr=IP9 inside_addr=192.168.1.50 weight=120 access_list 192.168.1.50
:saveall

:nat mapadd intf=Static outside_addr=IP0 inside_addr=192.168.1.51 weight=120 access_list IP0
:nat mapadd intf=Static outside_addr=IP0 inside_addr=192.168.1.51 weight=120 access_list 192.168.1.51
:nat mapadd intf=Static outside_addr=IP1 inside_addr=192.168.1.52 weight=120 access_list IP1
:nat mapadd intf=Static outside_addr=IP1 inside_addr=192.168.1.52 weight=120 access_list 192.168.1.52
:nat mapadd intf=Static outside_addr=IP2 inside_addr=192.168.1.53 weight=120 access_list IP2
:nat mapadd intf=Static outside_addr=IP2 inside_addr=192.168.1.53 weight=120 access_list 192.168.1.53
:nat mapadd intf=Static outside_addr=IP3 inside_addr=192.168.1.54 weight=120 access_list IP3
:nat mapadd intf=Static outside_addr=IP3 inside_addr=192.168.1.54 weight=120 access_list 192.168.1.54
:service system ipdelete name=TELNET ip=149.255.104.16
:saveall
Click to expand...
Someone helped me configure it, and honestly I don't know where to start in writing that for the new router, or if it's even required?

Has anyone used one of the Asus routers (firmware version 3.0.0.4.374_979-gbc8961e) and successfully managed to configure multiple WAN IP addresses? I was hoping there would be something in the control panel, but I can't find anything.

Thanks!
 
http://www.linuxquestions.org/quest...blic-ip's-to-private-ip's-326993/#post1663981
Capt_Caveman said:
Ok, so I would probably just create a bunch of aliases (virtual interfaces) for each of the public IPs so that you have general connectivity (though not necessary), then just write a DNAT rule for each mapping and forward the required ports to the LAN server. Just remember that iptables will treat each of the virtual interfaces as one interface, so eth0:1, eth0:2, and eth0:3 would all be just eth0 in your iptables rules (using aliases in the rules will cause an error). So your DNAT rules will look like:

iptables -t nat -A PREROUTING -i eth0 -d 65.66.67.150 -j DNAT --to-destination 192.168.1.2
iptables -t nat -A PREROUTING -i eth0 -d 65.66.67.151 -j DNAT --to-destination 192.168.1.3

If you want to forward each of those ports to all of the internal servers, then your forwarding rules will be:
iptables -A FORWARD -p tcp -m multiport --dports 21,23,25,53,80,110,443,3389,5561,5562 - j ACCEPT

If you only want to forward certain ports to certain LAN servers, then just specify which ports and which internal IPs. For example say you only want port 80 and 443 going to 192.168.1.2 and ftp going to 192.168.1.3. Then your rules would be:
iptables -A FORWARD -p tcp -m multiport --dports 80,443 -d 192.168.1.2 -j ACCEPT
iptables -A FORWARD -m tcp --dport 21 -d 192.168.1.3 -j ACCEPT
Click to expand...

Aliases:
ifconfig eth0:0 WANIP0 netmask WANMASK0 up
ifconfig eth0:1 WANIP1 netmask WANMASK1 up

i'm not sure if eth0 should have it's own ip or if it should be nuked and set on eth0:0 instead. my guess is that leaving an IP on eth0 is fine.

never done this before, but i think the above will work

and of course, this will all need to be added to a start script on asuswrt-merlin, stock lacks persistent storage (jffs)
 
Last edited:
Thank you very much for the reply, so that would involve flashing the router and installing asuswrt-merlin? Would you recommend that or dd-wrt?
 
You must log in or register to reply here.

Similar threads

C
rt-ac68u assigning static ip addresses but I want dynamic ip addresses
Replies
17
Views
6K
ColinTaylor
C
gerold
Asus RT-AC86U with static IP-block by ISP, "1:1 NAT" for multiple servers?
Replies
0
Views
2K
gerold
gerold
M
How to change WAN static IP via telnet on RT-AC66U?
Replies
5
Views
4K
sfx2000
sfx2000
C
Asus RT-AC87U Merlin OpenVPN Client Won't Get IP On TAP Interface
Replies
3
Views
4K
yorgi
yorgi
XabiX
AC87U Asus Merlin interface source routing or One to One NAT
Replies
0
Views
3K
XabiX
XabiX

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 761 (members: 29, guests: 732)
Back
Top