Help with edgerouter X external ip passthrough

[Principis]

Hi,

Can someone explain how to passthrough an external ip and all traffic to my second router (USG) so that the USG has a external ip but different than the edgerouter X.

I can set up all the basic stuff but I don't know how to do this... I suspect it has something to do with NAT?

 

[Luc401]

Does the modem has 2 outputs so you can run 1 to the ER-X and one to the USG

[Principis]

Just now, Luc401 said:

Does the modem has 2 outputs so you can run 1 to the ER-X and one to the USG

I can add a switch but that would make a mess and I want to keep it clean. I thought this was possible if it's not please explain why  

I'm a quick learner so and I understand most things I just don't know how to set it up

And no it's just a modem

[mcraftax]

You will be setting up two subnets.

Do a class C (24) subnets for ease.

ER-X will get it external IP from the ISP.

It will control the 192.168.1.x/24 subnet.

Its internal IP as 192.168.1.1/24

For the USG i suggest giving it a static external ip and not using DHCP. Give it 192.168.1.2/24

Make sure the DHCP range on the ER-X is not overlapping any statically set ones if you have DHCP enabled.

The USH will control the 192.168.2.x/24 subnet.

Set the USG internal IP to 192.168.2.1/24

Make sure the DHCP range on the USG is not overlapping any statically set ones if you have DHCP enabled.

 

Data requested by hosts in the subnets will make it back to them.

If you want all data not requested from inside the network to be forwarded to the USG, you will have to port forward all the ports or the ones you want. Or set it to a DMZ 

[tt2468]

3 hours ago, Principis said:

Hi,

Can someone explain how to passthrough an external ip and all traffic to my second router (USG) so that the USG has a external ip but different than the edgerouter X.

I can set up all the basic stuff but I don't know how to do this... I suspect it has something to do with NAT?

 

Whats the use of the edgerouter x? If you have consumer internet, you will only get one external ip, so pushing the IP back to the usg would be a bad idea.

[Principis]

1 hour ago, tt2468 said:

Whats the use of the edgerouter x? If you have consumer internet, you will only get one external ip, so pushing the IP back to the usg would be a bad idea.

No, my isp uses dhcp (I think) because if I put a switch directly behind the modem I get external ip's to every device I attach to that switch.

[brwainer]

I don't know if this is possible on the ER:X, but what I would be looking to do is bridge eth0 and eth4 (which would also require that eth4 is not switched or bridged with eth(1-3)

[Principis]

1 hour ago, brwainer said:

I don't know if this is possible on the ER:X, but what I would be looking to do is bridge eth0 and eth4 (which would also require that eth4 is not switched or bridged with eth(1-3)

I tried but it gave an error that eth0 couldn't be bridged

[brwainer]

3 hours ago, Principis said:

I tried but it gave an error that eth0 couldn't be bridged

sounds like a limitation of the ER:X then. This is why I'm a Mikrotik person, not a Ubiquiti person. The equivalent Mikrotik router, the hEX (and the predecessor RB750GL) have all 5 ethernet ports on the same switch chip, and although eth0 is isolated by default, it can be set to switch with the rest of the ports, or can be bridged with anything.

[Joshosaurus]

@Windspeed36 May be able to help you out with this one.

[Guest]

32 minutes ago, brwainer said:

sounds like a limitation of the ER:X then. This is why I'm a Mikrotik person, not a Ubiquiti person. The equivalent Mikrotik router, the hEX (and the predecessor RB750GL) have all 5 ethernet ports on the same switch chip, and although eth0 is isolated by default, it can be set to switch with the rest of the ports, or can be bridged with anything.

ERX limitation for sure - Still trying to understand the aim of what he wants to do though.

[tt2468]

1 hour ago, brwainer said:

sounds like a limitation of the ER:X then. This is why I'm a Mikrotik person, not a Ubiquiti person. The equivalent Mikrotik router, the hEX (and the predecessor RB750GL) have all 5 ethernet ports on the same switch chip, and although eth0 is isolated by default, it can be set to switch with the rest of the ports, or can be bridged with anything.

One does have to understand the limitations of hardware like this. Considering the price, I wouldn't see the bridging as an issue. At the core, it's basically an l3 switch with more features. I believe eth0 is dedicated, so bridging would not be hardware offloaded. Which is why they don't bother adding it to the ui. You could probably bridge it through the cli, though it would not perform very well. The edgerouter lite has hardware offloading for true routing. Something I don't think mokrotik has for the same price. 

 

[Principis]

On 8-8-2016 at 4:18 AM, Windspeed36 said:

ERX limitation for sure - Still trying to understand the aim of what he wants to do though.

I want to put my router (USG) of the business part of my house behind the ER-X so I can remove the switch because it's a waste of space and power and it's a mess right now.

 

So now

Modem - switch - ER-x, USG, IPTV

And I want modem - ER-X - USG, IPTV

 

Also the USG needs an external IP because of port forwarding stuff...

 

Do you understand it?

[brwainer]

So we still come back to the basic requirement of bridging, or otherwise passing all Layer2 traffic, from eth0 to eth3. Based on the prior posts, it sounds like this is impossible with the ER-X, due to its own limitations. Maybe @Windspeed36 (whom I believe is actually a network hardware dealer, and regularly sells and deals with Ubiquiti hardware) or @tt2468 can help you out with a workaround.

 

Maybe the USG has some sort of bridging option, and you could make that the first device, but still keep the home network isolated?

[Guest]

6 hours ago, Principis said:

I want to put my router (USG) of the business part of my house behind the ER-X so I can remove the switch because it's a waste of space and power and it's a mess right now.

 

So now

Modem - switch - ER-x, USG, IPTV

And I want modem - ER-X - USG, IPTV

 

Also the USG needs an external IP because of port forwarding stuff...

 

Do you understand it?

Why does the ERX have to be there?

[Principis]

On 11-8-2016 at 1:47 AM, Windspeed36 said:

Why does the ERX have to be there?

It's for the private network the USG is for the business network.

 

I used to have a Asus router for the private network but it crashed so I upgraded everything with 5 UAP-AC-Lite, a ER-X and put everything nicely on a wooden board. And hung it on the wall.

 

(Sorry for my late response I appreciate your help.)