Adtran
Help
The Adtran community holiday season is starting next week! The holiday period will span from December 21, 2024 to January 6, 2025. During this time, responses to feedback form submissions may be delayed. If you are encountering product issues, you can reach out to Adtran support at any time.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ss_daveh
New Contributor III
‎05-01-2014 11:11 AM

Configuring Proxy Arp on Netvanta 3448

Jump to solution

I am setting up a network with the Netvanta 3448 as the edge device then firewall using a public IP on the same subnet. I want to proxy arp an available IP to the firewall. The config below is what I am using and I can see the firewall show up on the arp table and when I debug arp I can see the arp requests being proxied in the CLI. I can ping the firewall from the CLI however it does not get internet. eth 0/2 is what I am using for the firewall port and the firewall is using the .210 IP address

vlan 1

  name "Default"

!

vlan 10

  name "Vlan Voice"

!

!

!

!

no ethernet cfm

!

interface eth 0/1

  description WAN Uplink

  ip address  x.x.x.211 255.255.255.240

  ip packet-capture 1CAPTURE

  ip mtu 1500

  ip access-policy Public

  media-gateway ip primary

  no awcp

  no shutdown

!

!

interface eth 0/2

  description Proxy Arp

  ip address  20.20.20.1  255.255.255.0

  ip mtu 1500

  no awcp

  no shutdown

Any assistance that you can provide is greatly appreciated. Also, I am new to the support community so please let me know if I need to provide further information to assist with this.

Thanks

Labels (2)
Labels
0 Kudos
Reply
1 Solution

Accepted Solutions
Anonymous
Not applicable
‎05-15-2014 08:57 AM

Re: Configuring Proxy Arp on Netvanta 3448

Jump to solution

I found the best way to accomplish what you are trying to do is to use bridging.  The nice thing about bridging is you can connect your bridge group to a VLAN and then have multiple ports available on the same subnet.

Here's a basic config.

bridge irb

bridge 1 protocol ieee

!

interface eth 0/1

  description Broadband Highspeed Ethernet Connection to Public Net

  bridge-group 1

  no ip address

  qos-policy out Upload_SIDE

  no shutdown

!

interface eth 0/2

  description Ethernet to Public Subnet

  bridge-group 1

  no ip address

  qos-policy out Download_SIDE

  no shutdown

!

interface vlan 10

  description VLAN to connect switch ports to Public subnet

  qos-policy out Download_SIDE

  bridge-group 1

  no ip address

  no shutdown

!

interface switchport 0/1

  description TO FIREWALL

  no shutdown

  switchport access vlan 10

!

interface switchport 0/2

  description TO PUBLIC SERVER #1

  no shutdown

  switchport access vlan 10

!

interface switchport 0/3

  description TO PUBLIC SERVER #2

  no shutdown

  switchport access vlan 10

!

interface bvi 1

  mac-address 00:00:00:00:57:18

  ip address x.x.x.2 255.255.255.224 (PUBLIC WAN IP for 3448)

  ip mtu 1500

  no shutdown

!

ip route 0.0.0.0 0.0.0.0 x.x.x.1

I hope this helps.  Here is the Adtran doc on bridging as well. 

View solution in original post

0 Kudos
Reply
1 Reply
Anonymous
Not applicable
‎05-15-2014 08:57 AM

Re: Configuring Proxy Arp on Netvanta 3448

Jump to solution

I found the best way to accomplish what you are trying to do is to use bridging.  The nice thing about bridging is you can connect your bridge group to a VLAN and then have multiple ports available on the same subnet.

Here's a basic config.

bridge irb

bridge 1 protocol ieee

!

interface eth 0/1

  description Broadband Highspeed Ethernet Connection to Public Net

  bridge-group 1

  no ip address

  qos-policy out Upload_SIDE

  no shutdown

!

interface eth 0/2

  description Ethernet to Public Subnet

  bridge-group 1

  no ip address

  qos-policy out Download_SIDE

  no shutdown

!

interface vlan 10

  description VLAN to connect switch ports to Public subnet

  qos-policy out Download_SIDE

  bridge-group 1

  no ip address

  no shutdown

!

interface switchport 0/1

  description TO FIREWALL

  no shutdown

  switchport access vlan 10

!

interface switchport 0/2

  description TO PUBLIC SERVER #1

  no shutdown

  switchport access vlan 10

!

interface switchport 0/3

  description TO PUBLIC SERVER #2

  no shutdown

  switchport access vlan 10

!

interface bvi 1

  mac-address 00:00:00:00:57:18

  ip address x.x.x.2 255.255.255.224 (PUBLIC WAN IP for 3448)

  ip mtu 1500

  no shutdown

!

ip route 0.0.0.0 0.0.0.0 x.x.x.1

I hope this helps.  Here is the Adtran doc on bridging as well. 

0 Kudos
Reply