Setup one device/port bypassing DHCP


#1

Hey there!

I just recently got my 2GB Wifi Turris Omnia and I’m very happy with it.

I have a setup where my ISP grants the use of 3 public IPs, but this is not enough for our current devices. So we use the DHCP service on the Turris Omnia. We do however have a server that we’d like to bypass the Turris DHCP and for it to instead use the ISP DHCP for a public IP, thus allowing easier access from the internet.

How can we achieve this the easiest? I tried adjusting interfaces, as well as some VLAN setups, but couldn’t get it to work properly so that the server had an external/public IP. And can it still be easily accessible through the network?

I’m sure this is some quite simple and common configuration, but I couldn’t find the right documentation nor configuration setup for it on the web interface. My experience with Linux is limited, but I do have some technical background. The complexity of more advanced networking was, however, beyond my capabilities.

Technical setup:

  1. ISP fiber connection with up to 3 public IPs (One used for the router)
  2. A few wire-connected devices using the router DHCP
  3. Wireless devices using router DHCP
  4. Server connected with cable, that should bypass router DHCP and instead use the ISP DHCP.

If you can just point me towards the correct documentation, or have some setup I can look at, I’d appreciate it.

Thanks for your time!


#2

Hi,

I won’t help you with exact setup but I would suggest to look how IP subneting, routing, LAN&WAN and firewall/security works before doing something like this because giving full direct access from Internet to the server without firewall is really bad idea without knowing exactly what you are doing.

BTW. for accessing the server from internet is usually sufficient portforwarding.
Or you can configure Omnia to have all three public IP and forward one IP traffic to the internal IP of server, but much better would be to have another DMZ subnet for it.
It is also possible to put this server to WAN VLAN but in that case I would trunk it with my internal VLAN and configure two virtual interfaces on the server and configure firewall on it (but that’s the point why I wouldn’t do it because it’s double trouble when I can have firewall only on one point - Omnia)