Using Ubiquiti Cloud Gateways with L2 Fiber Connection to bridge to internet

We have a remote location that is connected with layer 2 fiber. The previous tech set this up in the following manner:

Remote Loc User > DHCP Provided by local server > L2 HP Switch > Cisco Meraki E2 > Telecom provider Fiber > Cisco Meraki E2 > Firebox E3 VLAN > Firebox E1 > Internet

IP addressing looks like this:

192.168.2.34 > 192.168.2.5 > 192.168.2.2 > fiber A > fiber B > 192.168.2.1 > 192.168.1.1 > Internet.

What I need to make this look like is:

192.168.2.34 > 192.168.2.1 > Internet

or

Wired Vlan1
Wireless Vlan2 > Cloud Gateway > CG WAN port > Internet

In reading on the Ubiquiti site, they state that I am seeing a double NAT issue and need to create a bridge on the firewall for Port E3 on Firebox to appear as a direct connect to Internet to avoid double NAT.

Any ideas?

Comments

  • james.carson Moderator, WatchGuard Representative

    Hi @GoldenArtist_Dan1

    If this is otherwise working, but the problem is just double NAT, I'd suggest turning NAT off further back in the network at the Ubiquiti device. Since the Firebox is the device connected to the internet (if I'm reading this correctly), that would be the most efficient way to do this since it's using the public IP.

    The Ubiquiti device would need to have a public IP to turn NAT off at the Firebox and still have traffic flow with a private IP (192.168.x.x), which would require a free external IP to assign to that device.

    -James Carson
    WatchGuard Customer Support

  • Thanks, James, unfortunately I do not think the Ubiquiti device is that sophisticated, but I will check with their support as well. I inherited this from the previous IT folks that are all gone now. I would have much rather had a full single vendor stack. I do have public IPs available, but they also set it up to use the FW as a router instead of just a FW. So, there is no dynamic routing taking place anywhere on the network.
