This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SG105 and Telstra NBN FTTP Connection

Hi Guys,

Remotely trying to get a clients new Telstra Business NBN connection working through the Sophos SG105 they have had for 12 months on their ADSL2 connection. The main issue here is the supplied Static IP. 

If I change the Interface to Ethernet and leave Dynamic ticked - the connection works fine, except its giving me an IP from their dynamic pool obviously.

If I untick it and enter in the supplied (and verified correct) Static IP and subnet mask - it kills the connection on a reboot and will not reconnect.

Anyone hooked up a Telstra Business NBN FTTP connection with a Static IP to a SG Firewall successfully???

Any tips would be appreciated!!  ;)



This thread was automatically locked due to age.
  • this is bit of a guess, check with the NBN supplier whether they have a fixed MAC for the service?

    Do the logs show any details of the connection and of course of the failure?

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • If there's no extra cost to your client, why not let the UTM use the dynamic IP as primary and just make their fixed IP an Additional Address?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Cheers for the responses so far guys!

    I'm pretty sure this is a screwup on Telstra's end.

    The first dynamic IP network range was 124.xxx.xxx.xxx which Telstra Support 'couldn't find'

    I hooked up the supplied Telstra Gateway and got a 101.177.xxx.xxx address - still NOT my actual static IP. Had a hunch it may be MAC related so I wrote down the MAC address of the Telstra Router (which doesn't have the ability to be put into Bridged mode despite their Tech Support saying it could).

    Plugged the Sg105 back in (DYnamic IP in the 124.xxx.xxx.xxx range again!) and set the virtual MAC on Eth1 to the same Mac as the Telstra Router and Boom! 101.177.xxx.xxx IP address and connection running.

    So, still no Static IP but it seems to be connected to the Telstra Dynamic Range at least. They still don't know where the 124.xxx.xxx.xxx IP came from (and was working!!).

    I tried adding the 110.143.190.86 IP as an additional IP (I still think the supplied 255.255.255.0 netmask is woefully incorrect) and set the Incoming Mail Nat/Rule to point to it but no luck :(

    Still on-hold with Telstra ... been on the phone with them for 3 hours so far, really great way to start a Monday Morning! One bunch of clowns was trying to tell me that there is no NBN connection here and they would send a tech out to install it ... for a fee!!!

  • It may be counter intuitive, but WebAdmin creates better code when you use a /32 for Additional Addresses.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Confirmed fault of the Providers end - I threw my hand sup on Tuesday and said 'I don't care, just give me ANY static IP'. They promised to get right onto it and sort it out once and for all ... its now 4.30pm Friday and still not sorted. Which is par for the course really.

  • Ended up getting a second IP address since they still haven't sorted the original Static IP we were supposed to get. Set up the additional IP, changed MX records, and then set up a new SNAT rule from Internal Mail Server to Any using the Second IP. Had to turn off sending via the UTM as no matter what I tried it kept trying to send through the main dynamic IP only. So now sending via Exchange instead and that is going out the correct Secondary IP.

    Cheers for the tips and pointers lads!

  • When creating an SNAT for messages sent by the SMTP Proxy, it must look like:

    SNAT : External (Address) -> SMTP -> Internet : from External [Mail] (Address)

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA