Helpful ReplyHot!3 ISPs with one public IP

Author
srv4ever
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/04/20 07:54:13
  • Status: offline
2021/04/20 08:04:51 (permalink)
0

3 ISPs with one public IP

My situation is this: I have 3 different ISPs: VIVO, TIM, and NET here in Brazil (1 Static IP and 2 Dynamic).
I need to do 3 things:

  1) Connect my 3 ISPs on one device.
  2) I need to use only one public IP to connect to the internet. Every single workstation needs to connect through this IP as if there is only one ISP connected.
  3) If the main link goes down, another link could assume its place but the same old public IP still must be used.
 
Is there a way to do that? Any appliance, proxy, or DDNS?
 
Thanks in advance.


 
 
#1
Toshi Esumi
Expert Member
  • Total Posts : 2560
  • Scores: 251
  • Reward points: 0
  • Joined: 2014/11/06 09:56:42
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/20 08:44:06 (permalink)
5 (1)
Not possible unless you have your own public subnet from LACNIC.
#2
emnoc
Expert Member
  • Total Posts : 6097
  • Scores: 414
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Location: AUSTIN TX AREA
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/20 10:31:41 (permalink) ☄ Helpfulby srv4ever 2021/04/20 13:19:17
5 (1)
OP, why not engage SDWAN. Your 3x ISP is ideal for SDWAN. You set up 3x ports and cfg 3x subnets and set these are members in SDWAN
 
Ken Felix
 

PCNSE 
NSE 
StrongSwan  
#3
srv4ever
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/04/20 07:54:13
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/20 13:28:40 (permalink)
0
emnoc
OP, why not engage SDWAN. Your 3x ISP is ideal for SDWAN. You set up 3x ports and cfg 3x subnets and set these are members in SDWAN
 
Ken Felix
 




Thank you for your response.
I'm not familiar with this concept yet.
With SDWAN, could I connect 3x ISP with the external sites and applications detecting me as one IP?
post edited by srv4ever - 2021/04/20 13:30:05
#4
sw2090
Expert Member
  • Total Posts : 945
  • Scores: 78
  • Reward points: 0
  • Joined: 2017/06/14 01:27:25
  • Location: Regensburg
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/21 04:08:35 (permalink) ☄ Helpfulby srv4ever 2021/04/22 08:53:33
5 (1)
nope.
SDWAN enables you to use n WANs as one WAN for outgoing traffic.
If you want n WAN Lines with one IP you would need an aoutonomous subnet. Only those can be routed isp independent. But those are hard to get and expensive. And you need the neccessary technology to be able to announce routes...
#5
SJFriedl
Bronze Member
  • Total Posts : 29
  • Scores: 0
  • Reward points: 0
  • Joined: 2015/12/10 14:13:55
  • Location: Southern California USA
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/21 06:12:47 (permalink)
0
sw2090
SDWAN enables you to use n WANs as one WAN for outgoing traffic.

How is this different from just putting your WAN interfaces into a single Fortigate zone? Is that the same thing?

If you want n WAN Lines with one IP you would need an aoutonomous subnet.

Oh yah; running BGP is a very very big hairy deal.


#6
sw2090
Expert Member
  • Total Posts : 945
  • Scores: 78
  • Reward points: 0
  • Joined: 2017/06/14 01:27:25
  • Location: Regensburg
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/21 07:17:44 (permalink)
0
hm a zone does not do loadbalancing or knows rules for wan access?
#7
SJFriedl
Bronze Member
  • Total Posts : 29
  • Scores: 0
  • Reward points: 0
  • Joined: 2015/12/10 14:13:55
  • Location: Southern California USA
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/21 07:18:59 (permalink)
0
sw2090
hm a zone does not do loadbalancing or knows rules for wan access?

Sounds like I have some reading to do :-) 
#8
lobstercreed
Expert Member
  • Total Posts : 410
  • Scores: 47
  • Reward points: 0
  • Joined: 2018/11/28 14:57:58
  • Location: Sedalia, MO
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/21 07:47:53 (permalink) ☄ Helpfulby srv4ever 2021/04/22 08:53:08
5 (1)
As far as OP's question goes, this is of course impossible.  SD-WAN, zones, etc has no bearing. 
 
I keep seeing this question come up but it always has been and always will be impossible to use an IP that you don't own on a network that doesn't own that IP.  Routing 101...  It's like you moved to a different country but think that you can continue to use the old country's return address and your friends will somehow magically end up on your doorstep.
 
So the question for the OP is whether this "requirement" is truly a requirement or merely a preference?  If it's a true requirement, there is significant money and effort involved but clearly the bosses will pay if it's a requirement.
 
Otherwise, use SD-WAN like most folks and simply realize you may present the IP address of each of your WAN's depending on the route you take.  :-)
#9
emnoc
Expert Member
  • Total Posts : 6097
  • Scores: 414
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Location: AUSTIN TX AREA
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/21 10:44:55 (permalink) ☄ Helpfulby srv4ever 2021/04/22 08:53:11
5 (1)
My thoughts ; unless he does BGP and have an allocation given, he is not going to use one single ip/subnet across 2 other ISPs. BCP38 egress filtering along will kill them. 
 
I would deploy SDWAN and if concern, set preference for ISP A over B or C  if required.
 
Ken Felix
 

PCNSE 
NSE 
StrongSwan  
#10
Keeper of the Keys
New Member
  • Total Posts : 18
  • Scores: 4
  • Reward points: 0
  • Joined: 2021/04/07 04:39:48
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/21 23:05:27 (permalink)
5 (1)
If you use SD-WAN and have a rule that makes traffic prefer only one link, but why would you not use all the available uplink speed?
#11
Keeper of the Keys
New Member
  • Total Posts : 18
  • Scores: 4
  • Reward points: 0
  • Joined: 2021/04/07 04:39:48
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/21 23:08:25 (permalink)
5 (1)
If you're willing to go the IPv6 route getting an AN may be easy...
#12
srv4ever
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/04/20 07:54:13
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/22 09:04:17 (permalink)
0
Thank you all for your response, guys.
You guys helped me clarify some concepts.

We are probably going to get a VPN and send all traffic through it.
The problem with outgoing with more than 1 IP is that we do use some banking applications, financial services that disconnect you when they recognize multiples IPs on a single session.

But I'll read some more about SD-WAN to see if we can apply it.
post edited by srv4ever - 2021/04/22 09:06:04
#13
emnoc
Expert Member
  • Total Posts : 6097
  • Scores: 414
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Location: AUSTIN TX AREA
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/22 09:39:23 (permalink)
5 (1)

The problem with outgoing with more than 1 IP is that we do use some banking applications, financial services that disconnect you when they recognize multiples IPs on a single session.

 
Then built a SDWAN for that destination/application and nail it to just one sdwan-member. I really do not see how a VPN is going to make this any better unless your planning a VPN to each institution 
 
Ken Felix

PCNSE 
NSE 
StrongSwan  
#14
srv4ever
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/04/20 07:54:13
  • Status: offline
Re: 3 ISPs with one public IP 2021/04/22 10:45:16 (permalink)
0
emnoc

The problem with outgoing with more than 1 IP is that we do use some banking applications, financial services that disconnect you when they recognize multiples IPs on a single session.

 
Then built a SDWAN for that destination/application and nail it to just one sdwan-member. I really do not see how a VPN is going to make this any better unless your planning a VPN to each institution 
 
Ken Felix



I plan to use a VPN service, like ExpressVPN, and register that on the 3 WANs using L2TP to their exact same server.
#15
Jump to:
© 2021 APG vNext Commercial Version 5.5