Solved: Re: Two subnets from ISP one gateway - Page 2

mattmayer · ‎12-18-2023

I just received a set of public IPs from my ISP. I configured everything internally and can see the IPs internally etc. However I can not get out to the internet using those IPs. I reached out to my ISP about it since I saw a lot of times this is handled on the ISP side of the house but they said I would need to configure it on my side. Basically I'm trying to use the old gateway with the new subnet. I know it's possible just not sure how.

I have an ASR-1001-x with the ISP on port Gi0/0/0, the original subnet is on Gi0/0/1 and the new subnet on Gi0/0/4. The person I spoke with at the ISP said to look into setting up two gateways on the ASR. Any help would be appreciated.

Thanks,

Matt

mattmayer · ‎12-19-2023

MHM

I am not using a BDI.

Matt

mattmayer · ‎12-19-2023

Hi Rick,

Thanks for the help. Yeah it's from the same ISP. I've reached out to them and they weren't very helpful other then saying to look into a "dual gateway set up or something". Also this would need to be on my side since we're not a managed solution.

Matt

Richard Burts · ‎12-19-2023

Matt

Thanks for the update. This is surprising. Ping to Internet sourced from prior address block works, ping to Internet sourced from new address block does not work. Sure sounds to me like an issue on the ISP side. But they are not cooperative. Not sure what is the next step. Can you look back through all of the communications with the ISP about the new address block? Is there anything in those communications that mentions how it is to be used, or how to access it?

HTH

Rick

paul driver · ‎12-18-2023

Hello
on gig0/0 give it an secondary ip address off the new subnet.

Int gig0/0
ip addres 54.16.x.x 255.255.255.248 secondary

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

mattmayer · ‎12-19-2023

Hi Paul,

Thanks for the idea but when I do this I get 54.16.79.48 is assigned to Gi0/0/4.

Matt

paul driver · ‎12-19-2023

Hello
I would say that public subnet needs to be on the wan interface as a secondary and then you can an internal private subnet on gig0/4 interface which will allow you to nat on that private subnet

Example:
int gig0/0
ip nat outside
ip addres 54.16.x.x 255.255.255.248 secondary
int gig0/4
ip nat inside
Ip address 192.168.1.1 255.255.255.0

access-list 10 permit 192.168.1.0 0.0.0.255
ip nat pool NATPOOL1 54.16.x.x 54.16.x.y prefix-length 29
ip nat inside source-list 10 pool NATPOOL

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

mattmayer · ‎02-28-2024

This was what I went with but with static NAT translation so the systems were assigned a specific external IP. Thanks

Matt

MHM Cisco World · ‎12-19-2023

If what you mention to @paul driver correct

And if both IP in same supernet then

The ISP give you additional IP which will add to your old IP' you need to change mask to include both IP's and change pool of nat.

MHM

paul driver · ‎12-20-2023

Hello

@mattmayer wrote:

I just received a set of public IPs from my ISP.
. Basically I'm trying to use the old gateway with the new subnet

When this same ISP provided you with this additional /29 subnet did they specify any specific ip within that /29 you had to use, My thinking is they want you to use this new subnet on the wan interface and not as an internal subnet piggybacking off the existing /30.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Richard Burts · ‎12-20-2023

Paul

I agree that clarification from the ISP about intended use of the new address space is needed. Perhaps it was to provide some special addresses for NAT, or to augment the original block of addresses. I could see secondary on the WAN interface, but believe an even more logical thing would be to use the new block as secondary on the router interface using the original block. Or perhaps the new block is for something like a DMZ, in which case I believe that assigning the addresses to their own interface (such as G0/0/4) would be appropriate. Hope we will get some clarification from the ISP.

HTH

Rick

mattmayer · ‎01-23-2024

Apologies for not getting back to you all sooner. I was out of the office traveling. So the information I received from the ISP:

This was intended to add additional public IPs since our current /29 is completely used up.

I did dig a little bit and when I removed the IP x.x.x.50 from gi0/0/4 and added it as a secondary to gi0/0/0 I was able to get to x.x.x.49 (on the ISP side) and was able to get out to the internet using that secondary IP as the source.

Not sure if any of this clarifies anything, but just getting back on this and wanted to get that additional information out to you.