Create a Post
Showing results for 
Search instead for 
Did you mean: 

Dynamic IP on WAN interface. Managed on its local static…



Can anyone add some clarity over the proposed options and best practice over this scenario please?


I have 2 interfaces - WAN and LAN.

WAN is DHCP. LAN is Static.


The gateway is managed via its LAN address


NAT is ticked to hide all internal networks behind this gateway.

When that WAN IP changes, how does the topology in smart dashboard update? Also, what would happen to the NAT? Would it fail?


Note - I have NOT ticked DAIP gateway as the Main IP of the gateway object is the LAN address which is indeed static.


thank you.

0 Kudos
4 Replies
Legend Legend

How did you define the topology ? I would assume that your LAN IP is the external IP as all internal IPS are NATed behind it, and the WAN IP an internal interface. As you can not tick DAIP for your WAN IF, the IP change would never propagate anywhere, i think. So what in fact does happen in your scenario ?

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos



Topology is


Modem - CP - LAN Router - Users.


CP has eth1 attached to Modem. 

eth1 has obtain ip automatically, with custom dhcp options configured in dhclient and recieves public IP from ISP.


DHCP for the LAN is done on the CP. 

Local traffic via the LAN router routes to the CP and CP hides local traffic behind the public IP assigned to eth1.


eth2 attached to LAN router is static. Fixed address

eth1, attached to ISP modem is dynamic (ISP wont give fixed IP) 


Gateway is managed locally via eth2. DAIP is NOT enabled as gateway is managed on LAN via static IP.


So, the question is, when the public IP attached to eth1 changes, how do these changes apply to the rest of the process?


How can the topology in SC update automatically? Otherwise, traffic will stop and fail. Traffic will try be hide nat behind the old public IP as topology hasnt updated.


There must be a way for this?

0 Kudos

Screenshot 2021-05-26 at 11.17.21.png

Screenshot 2021-05-26 at 11.17.13.png


0 Kudos

Marking the gateway as DAIP is really only necessary if you manage the gateway via the interface that is dynamic.
Marking the gateway DAIP imposes some significant limitations:

Without checking that box, if WAN address actually changes, it would require a policy install (with config changes) to restore all functionality, most likely.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events