FR
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Telus Fiber + Static Public IPs: NAH must not be in Bridge mode?

ithero
Neighbour

Saturday

I keep hearing over and over again from Telus on-site techs and support agents that the Network Access Hubs will not work with Static IP addresses if set to Bridge Mode and they should be set to Router Mode instead.

 

Help me understand how the WAN traffic is expected to hit my Enterprise Firewall directly over the static public IPs configured on its WAN interface, when the upstream Telus NAH is running in the Router Mode with its LAN side configured as a Private Network 192.168.x.x, and handing off private IP addresses to the downstream devices?

 

There should be something configured like the Bridge or IP pass-through on a dedicated port, but there is NO WAY I can connect to a firewall over the public IP when it sits behind a NAT!

 

0 Kudos
8 REPLIES 8

bimmerdriver
Coach

Sunday

What is your configuration? Who is providing the static ip address(es)?

0 Kudos

ithero
Neighbour
In response to bimmerdriver

Sunday

Telus of course. LAN > Enterprise Firewall > Telus NAH > Fiber > ISP.

5 Static IP addresses from Telus.

I am assigning them to the Firewall's WAN interface.

Branch offices and Remote users must be able to establish VPN tunnels with the Firewall (VPN Gateway) over those IP addresses.

This means that the Network Access Hub must transparently pass-through the packets.

Telus claims that NAH must be set up in Router Mode for the static IPs to work. Router Mode means NAT.

0 Kudos

bimmerdriver
Coach
In response to ithero

Sunday

What kind of NAH is it, NH20A or NH20T? I have an NH20T. It has a setting to configure a static subnet on the LAN, but there aren't any settings on the WAN side for static ip addresses. You might be better off with an ONT rather than an NAH.

0 Kudos

ithero
Neighbour
In response to bimmerdriver

yesterday

Static IPs configured on the WAN side of the NAH is what I am trying to avoid.

The very fact that NAH has 2 sides: WAN and LAN means that is acts as a router/NAT.

I need the static IPs configured on my own business firewall, that takes on the entire role of the router/VPN gateway/firewall. While the NAH in front of it must act as a "dumb" pass through converter from fiber to copper (modem).

0 Kudos

bimmerdriver
Coach
In response to ithero

yesterday

I find it really hard to believe Telus expects business customers to use an NAH with NAT with static IP addresses. An NAH only slightly less of a toy router than the T3200M. It must be possible to use an ONT.

0 Kudos

ithero
Neighbour
In response to bimmerdriver

yesterday

And yet, here we are. I am 300km away from the customer site to confirm visually the device that was installed. The on-site tech from Telus said he wasn't sure. The phone support said it was Arcadyan based on the job order. The firewall does not receive internets if I configure WAN with static IP addresses. But if I put it in DHCP mode, it gets a private 192 address and the internet works. Telus support says that's how NAH should be configured if I want to use static IPs, which DOES NOT MAKE ANY SENSE.

 

ithero_0-1752473731380.png

 

0 Kudos

bimmerdriver
Coach
In response to ithero

yesterday

I found a thread on Reddit about this topic. Apparently, you can set port 1 to bridged mode and then the static IP can be assigned to the MAC address of your router.

 

Here is a link: Public Static IP for business : r/telus

0 Kudos
Copyright © 2025 Khoros, LLC