In my experience (admittedly foreign from here) when the provider won't allow access to their router they will supply a /30 linknet and then static the /28 to the customer.
Once you have the /28 you can assign as many of the IP's out and then create the tunnels with the local IP assigned. Regards Alexander Alexander Neilson Neilson Productions Ltd [email protected] 021 329 681 > On 19/09/2014, at 5:21 am, Roy, Jerry <[email protected]> wrote: > > Hi MT Listonians! > > Need your input on a design. We have a customer that needs public IP space > for their devices and we have installed a 750 as a router behind a router > from the ISP. The ISP had assigned us a /28 and we have subnetted to two > /29's. So we have public IP space on WAN (one/29 - So we can build IPsec > tunnel for management) and public IP space on LAN (second /29) for customer > equipment. We had to change the mask on the ISP router and add a static route > on their router to the MT WAN for the new /29 that we have assigned on its > LAN. Works well with Covad but now we have ran into an issue with Comcast, > they will not allow us access to the router to modify mask and add a static > route. These are ALL business circuits so we should be able to control our > own destiny but Comcast has put a stop to this. What I want to do now is use > the entire /28 space across all ports on the 750 and build our IPsec tunnel > from the MT back to our management server. Anyone done this before and will > it work t hi > s way? Basically a switch with Layer three IP for Management and Ipsec > termination. > > TIA for all your input. > > Jerry Roy > Tolt Solutions > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140918/4f10f192/attachment.html> > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6151 bytes Desc: not available URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140919/58ade8dc/attachment.bin> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
