0

I've bought a DrayTek Vigor 2860 for my company network. And I'd like to use it for two VLANs with separated external IP's. I have 6 LAN ports on my DrayTek.

For example: External IP-adres: 201.102.102.104 Internal VLAN: 192.168.1.100 - 192.168.1.200 LAN port 1

External IP-adres: 201.102.102.105 Internal VLAN: 192.168.2.100 - 192.168.2.200 LAN port 2

LAN port 1 and LAN port 2 will both be connected to network switches which, so multiple devices can be added.

I know how to setup VLANs, but I cannot find this feature in my router. Is this router capable of doing this? If yes, what should I do?

Drawing of what I mean: Draytek Vigor 2860 two VLANS with separate external IPs

Link to online management interface of the DrayTek router (testing and demo by DrayTek http://eu.draytek.com:12860/)

ivodvb
  • 103
  • 1
  • 1
  • 6
  • Do you really need VLANs or do you just mean separately routed subnets? The 2860 can route separate subnets via each of its LAN ports but (as far as I know) it cannot handle VLANs directly. – roaima Mar 28 '15 at 16:47
  • I think I need a VLAN.. I'm not sure. Let me explain. The internal IP-range 192.168.1.100 - 192.168.1.200 is for a set of servers an the internal IP-range 192.168.2.100 - 192.168.2.200 is for another set of servers. I can not change those internal IP-addresses. That are VLAN's if im right.. I cannot think I can do this with only changing the subnets? – ivodvb Mar 28 '15 at 16:52
  • VLAN's operate at Layer 2 for the purpose of segregating hosts at Layer 2. You don't need VLAN's, you need routing in order to route traffic between the two subnets. – joeqwerty Mar 28 '15 at 16:53
  • So if I'm correct, I can do what I want and it's called IP Routed Subnet. Am I correct? I've found a manual (unfortunately in Duch), so when I'm correct I think I can set it up.. – ivodvb Mar 28 '15 at 16:58
  • This page has an English language User guide - http://www.draytek.co.uk/support/downloads – joeqwerty Mar 28 '15 at 17:01
  • Hmm... I'm not getting it to work. I am not able to create the setup above with separate subnets and not with VLAN.. I think I'm just not getting it.. The problem is that I cannot create setup DCHP (192.168.1.100 - 192.168.1.200 ) for public-IP-1 and DHCP (192.168.2.100 - 192.168.2.200) for public-IP-2... Anyone that can help? – ivodvb Mar 28 '15 at 17:26
  • 1
    What Draytek calls VLANs everyone else here calls routed subnets. – roaima Mar 28 '15 at 17:29
  • @roaima, ok nice! LAN port 1-4 are on 192.168.1.X and 5 & 6 are on 192.168.2.X. The only thing I have to do now is assign a different external IP-address to LAN port 1-4 and to 5 & 6. I cannot find where to do that. – ivodvb Mar 28 '15 at 17:32
  • Wan settings. Either configure two separate wsn ports or set up IP aliases on the one wan port (those define your external subnet range for that wan connection). That'll get you your externals. Then I think you use the nat mappings to define which subnet goes where. It's been a while since I did this. – roaima Mar 28 '15 at 17:41
  • I've added a little drawing to show what I mean. – ivodvb Mar 28 '15 at 17:41
  • @roaima thanks for your explanation. I do not get how to do this in this router. I've just added the link http://eu.draytek.com:12860/ which leads to the demo of the router by DrayTek. Could you please provide me with some tips, so I know where and how to search in this interface? I just can't find the proper way to set this up... – ivodvb Mar 28 '15 at 17:47

2 Answers2

1

I know this is an old question, but it took me forever to figure out the best way to do this, so hopefully this answer will help someone. I have a Draytek 2926 but previously had the 2860 and it has the necessary features too. This answer presumes both your public IP addresses are from one WAN connection. What you need to do is:

  1. Under WAN > Internet Access > WAN1 (or whatever WAN you use), select "WAN IP Alias" and make sure you enter any public IP addresses you wish to use.
  2. Under LAN > General Setup > LAN 2, you need to select "Details Page" and configure a second LAN (your first LAN should already be set up). In my case, I used the IP address 192.168.2.1 and Start Address of 192.168.2.10.
  3. Under LAN > VLAN create two VLANS. Each one should contain whichever LAN ports you want each network to include, and you will also need to assign your wireless SSIDs. The Subnet for each one (LAN1/LAN2 etc) will be the ones you created in the previous step
  4. Under Objects Setting > IP Object create a new object. Use the Address Type "Range Address" and then use the start and end IPs for the range you assigned to your LAN2
  5. Under Routing > Load-Balancing/Route Policy, create and enable a new policy. In here, for the Source select "IP Object", and then choose the object you created in the previous step. In the Interface field, select the correct WAN, then from the dropdown box select the address/IP alias you want to use for this network.

This setup is working perfectly for us.

shaneoh
  • 414
  • 3
  • 7
  • 19
0

This is a late response, but I think I've accomplished what you're trying to do.

How have you set up your multiple public IP addresses in the 2860? I have a block of eight from BT, five of which are usable. As I understand it, the first two addresses in the block are network and broadcast addresses respectively, and the last one is the router address, leaving the remaining five available for use. I set mine up as follows: On the WAN Internet Access page of the 2860, in the IP Adress From ISP section, select Fixed IP (even though BT static IP addresses are actually assigned using what is effectively a DHCP reservation) and enter the router public IP address (the highest one) in the Fixed IP Address field. Then click the WAN IP Alias button and added the five usable addresses in successive boxes under the Aux. WAN IP heading, making sure to enable them. If it doesn't matter what external IP address the traffic goes out on then tick the Join NAT IP Pool boxes; otherwise leave them empty except for the first one, which can't be cleared anyway. Now, when you set up Open Ports under the NAT section of the main menu, the public IP addresses will be available in the WAN IP dropdown menu, and you can specify which LAN uses which public IP address. You can then use these settings in your firewall rules.

Mitch
  • 11