Comcast EDI MX67 Ubiquiti Edge Router

rcit1064
New here

Comcast EDI MX67 Ubiquiti Edge Router

Hello All,

I'm trying to learn how I can use an EdgeRouter X between a Comcast Ciena and the MX so I can use the /28 usable IP block that's issued in a Comcast Fiber EDI connection.

 

Comcast issues a Layer 3 PTP /30 network that I could use on the WAN interface of MX but I need to utilize the /28 IP's for other routers that will need their own Public IP's.

 

I was told that the MX can't facilitate our needs and that I could install a router such as the EdgeRouter to handle routing and my experience with these is zero.

 

Thanks for any help.

6 Replies 6
ammahend
Building a reputation

with /28 you have 16 IPs, are you trying to chop it into 4 X /30 and use each on 3 routers  to connect to internet and let them all go through the same MX appliance before they hit internet, where the 4th /30 subnet is used by MX ?

can you draw a topology with IP scheme to better describe the issue ?

No, I do not need 4 /30's of the /28 they've given us. Just the ability to use any of the customer provided IP's in the /28 as a WAN port on other firewalls/routers.

 

Thank you for the reply

KarstenI
Kind of a big deal
Kind of a big deal

Yes, this is exactly what you need to do:

KarstenI_0-1722668446417.jpeg

The Edge router is configured with PPTP on the WAN side and with an IP from the /28 on the LAN side. All your MX and other routers get an IP from the /28 block and use the Edge-Router LAN IP as the default gateway.

The EdgeRouter should not do any NAT, just routing.

Appreciate the help on this. I'm ordering the EdgeRouter today and will try my best to configure as you suggested. I'll keep the thread updated with the progress.

PhilipDAth
Kind of a big deal
Kind of a big deal

Here is a little secret.  You can create a VLAN on your MX using the /28 of public IP address space, and create a 1:1 NAT for each public IP address, where the public and LAN IP address are both the same public IP address.

 

PhilipDAth_0-1722764114188.png

 

You can also use the NO-NAT feature for an VLAN to use it for pure routing.  You enable this under Early Access features (under Organization).

 

 

PhilipDAth_1-1722764218252.png

 

 

Thank you for the "little secret". I've decided to try using an EdgeRouter and see if I can get it figured out. Great to know there is another option in case I can't figure it out.

 

Many thanks for your help.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels