Question : How do i set up a 2nd WAN IP over PPPoE on OneAccess 100 modem/router?

Hi,

In my office i have a modem/router OneAccess 100 that has a 2nd WAN IP already set up in FastEthernet port 0/3.  I also have a Watchguard Firewall x2150e and in my ext01 port i have set up a PPPoE and provided the WAN IP plus the user/pass from my ISP.

The problem is that the Watchguard cannot get that WAN IP and i think it's a modem/router issue.

I contacted my ISP but they told me that there is no technical support available for the weekend (!!!!!) and i should call them in Monday. Problem is that i must set up this Firewall so Monday everything will be up and running.

Below, i provide the #show runnning-config from my modem/router:

xxxxxx>show running-config
Building configuration...

Current configuration:

no reboot recovery-on-error
logging buffered size 16364
logging console errors
logging buffered debug
logging file debug
logging timestamp datetime
logging event enable
hostname xxxxxx
ip domain-name 91.132.4.4
ip access-list extended l1
 permit ip 91.xxx.xxx.xxx 0.0.0.7 0.0.0.0 255.255.255.255
exit
class-map match-any voice
 match ip rtp 16384 32768
exit
policy-map VOICE
 class class-default
  fair-queue
 exit
 class voice
  set atm-clp
  set ip dscp ef
  priority percent 80
 exit
exit
interface FastEthernet 0/0
 no ip address
 bridge-group 1
exit
interface FastEthernet 0/1
 no ip address
 bridge-group 1
exit
interface FastEthernet 0/2
 no ip address
 bridge-group 1
exit
interface FastEthernet 0/3
 ip address 91.xxx.xxx.xxx 255.255.255.248
exit
interface Bvi 1
 ip address 192.168.1.1 255.255.255.0
 bridge-group 1
 no keepalive
exit
interface dot11radio 0/0
exit
interface adsl 0
 execute
 exit
interface atm 0
 driver ident 0
  range vp min 0 max 10
  execute
 exit
 adsl
  channel type fast
  execute
  exit
exit
interface atm 0.1
 pvc pppoeoa vpi 8 vci 35
  ipcp dynamic
  ipcp dns-accept
  authentication pap
  username xxxxxx@xxxxx
  password xxxxxx
  keepalive 15 retry 20
  execute
 exit
 ip tcp adjust-mss 1388
 ip nat inside overload
 ip nat inside bypass-list l1
 ip nat static-napt tcp 192.168.xxx xxxx 91.xxx.xxx.xxx xxxx

 service-policy output VOICE
exit
interface bri 5/1
 isdn
  application-interface voip
  protocol-emulation isdn-nt
  permanent-layer2
 exit
 no shutdown
 execute
exit
interface bri 5/2
 isdn
  application-interface voip
  protocol-emulation isdn-nt
  permanent-layer2
 exit
 no shutdown
 execute
exit
interface bri 5/3
 isdn
  application-interface voip
  protocol-emulation isdn-nt
 exit
 execute
exit
interface bri 5/0
 isdn
  application-interface voip
  protocol-emulation isdn-nt
  permanent-layer2
 exit
 no shutdown
 execute
exit
ip route 0.0.0.0 0.0.0.0 Atm 0.1
ip dhcp excluded-address 192.168.1.1
no snmp set-write-community private
no snmp set-read-community public
voice-default
voice-port 5/0
 clock-source free_run
 no echo-cancellation
 user-tone dial
  frequency dual 425 425
  timing customs 200 300 700 800 0 0
  timing enable
 exit
 tone userdefined
 isdn-ringback-tone
 isdn-release-tone
 isdn-setupack-inband
exit
voice-port 5/1
 clock-source free_run
 no echo-cancellation
 user-tone dial
  frequency dual 425 425
  timing customs 200 300 700 800 0 0
  timing enable
 exit
 tone userdefined
 isdn-ringback-tone
 isdn-release-tone
 isdn-setupack-inband
exit
voice-port 5/2
 clock-source free_run
 no echo-cancellation
 user-tone dial
  frequency dual 425 425
  timing customs 200 300 700 800 0 0
  timing enable
 exit
 tone userdefined
 isdn-ringback-tone
 isdn-release-tone
 isdn-setupack-inband
exit
voice-port 5/3
 clock-source free_run
 no echo-cancellation
 user-tone dial
  frequency dual 425 425
  timing customs 200 300 700 800 0 0
  timing enable
 exit
 tone userdefined
 isdn-ringback-tone
 isdn-release-tone
 isdn-setupack-inband
exit
dial-peer voice pots 0
 insert-calling-number 210xxxxxx
 pots-group 0
 suppress-calling-number 10
 port 5/0
 no shutdown
exit
dial-peer voice pots 1
 insert-calling-number 211xxxxx
 pots-group 1
 suppress-calling-number 10
 port 5/1
 no shutdown
exit
dial-peer voice pots 2
 insert-calling-number 211xxxxx
 pots-group 2
 suppress-calling-number 10
 port 5/2
 no shutdown
exit
dial-peer voice voip 0
 sig-protocol sip
 no dtmf-relay
 fax-relay passthrough
 t38-redundancy 2
 voip-coder-profile 0
 no shutdown
exit
voice-routing
 route 10
  dial-peer pots-group 0 ua-sip
  sip-authentication 210xxxxxx italtel
  prefix-type outgoing called last
  prefix 210xxxxxx  length 10
  no loopback-routing
 exit
 route 11
  dial-peer pots-group 1 ua-sip
  sip-authentication 211xxxxxx italtel
  prefix-type outgoing called last
  prefix 211xxxxxx  length 10
  no loopback-routing
 exit
 route 12
  dial-peer pots-group 2 ua-sip
  sip-authentication 211xxxxxx italtel
  prefix-type outgoing called last
  prefix 211xxxxxx length 10
  no loopback-routing
 exit
 route 100
  dial-peer voip 0
  prefix-type outgoing called last
  prefix .   timer
  no loopback-routing
 exit
 route 101
  dial-peer pots-group 0
  prefix-type outgoing called last
  prefix .   timer
  no loopback-routing
 exit
 route 102
  dial-peer pots-group 1
  prefix-type outgoing called last
  prefix .   timer
  no loopback-routing
 exit
 route 103
  dial-peer pots-group 2
  prefix-type outgoing called last
  prefix .   timer
  no loopback-routing
 exit
exit
sip-gateway
 reg-dns-add 91.132.xxx.xxx:xxxx
 prox-dns-add 91.132.xxx.xxx:xxxx
 reg-ka 3600
 prox-ka 3600
 registration-timeout 3600
 gw-interface atm 0.1
 message-waiting-indication
 device-host-name ONtelecoms.gr
 uri-contact ip-address
 no shutdown
exit
sip-server
 shutdown
exit
voip-coder-profile 0
 codec 0 g711a 20
 codec 1 g711a 30
exit

Can someone locate the problem in the router config? Any help is really much appreciated.

Answer : How do i set up a 2nd WAN IP over PPPoE on OneAccess 100 modem/router?

Configure your router in bridged mode this would allow WG to send username/password and get the IP address from your ISP. If you configure the router to do NAT then there would be two NAT implemented for your network, one by your router and other by WG FB.

If you wish to stick to this setup then you can assign one of the NAT IP on the WG external IP and you would be able to connect to the internet. Make sure if you are putting some private IP on WG external interface then you remove that subnet from the default blocked sites.

Thank you.