So a parent company of a small shipping company wants to send us some black VPN box (ANIRA) and insists that it sits directly connected to the ISP and not behind the company Fortigate. They claim having sNAT both directions with a public IP is not good enough.
In our country we have an ISP and an infrastructure provider. These are 2 separate entities. infrastructure provider supplies the hardware (Alcatel fiber/Ethernet switch of some sorts) and the fiber line (p2p) going to the ISP, which in turns provides the public addressing and a connection to the Internet.
I talked to the ISP and they have no issue taking a /30 junk of an already routed range I have and letting me use that for this VPN device (network, endpoint, gateway, broadcast addresses). The infrastructure supplier is giving me a hard time though saying that they won't just make Ethernet port 2 switched with the port 1 (that porvides the connection to the ISP already) so far as saying we have to pay for another a dedicated connection to the ISP.
TL;DR: can i a plunk a switch at the WAN connection (port 1 from the infrastructure's Alcatel switch) and talk to the ISP to do the routing/gateway configuration skipping the infrastructure provider's involvement all together?
No comments:
Post a Comment