How to utilize provided 8 public IP addresses with NSA 5600 via a PPOE connection
I am very glad to be here and would like to ask a question on how to implement network settings on the NSA 5600 system.
VNPT (ISP) provided us a block 8 static public ip of 113.160.164.y/29 via a PPOE connection (FTTH) with dynamic ip address.
We have set up the system as following:
+ Get WAN connected via X4;
+ Set up Arp for 8 public IP addresses
+ Set up Rules to allow connection via those 8 ip address to our internal network (10.86.19.x/24)
+ Set up NAT 1:1 from those ip to internal server 10.86.19.11-18
The system work fine, connections can be done successfully from outside to those server insides without any problem.
Recently, there are few organisations provided with static ip address of the same 113.160.164.xx can not access our servers being NAT via 22.214.171.124-8 to the internal 10.86.19.11-18 (for Web, monitor, mail...ssh..etc)
Simply, if we create a virtual interface at X4, Vlan 19 for the PPOE connection, allows pinging. Computer from other 113.160.164.xx addresses can not even ping to the interface.
VNPT (ISP) said that we configured wrongly and they inquired us to set up a modem/router in between to do the PPOE connection and the secondary LAN of the Modem/router set up with the first Public IP (126.96.36.199) will be connected to the NSA firewall as WAN connection for the entire network.
From our view, we double VNPT has problem with their owned routing but they refused such claims.
Questions: Please help to guide us on how to set up such requirements properly
Thank you very much for your support.