<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: #000000"><div><br></div><div><br></div><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><blockquote style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;" data-mce-style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>From: </b>"DJ-Pfulio" <DJPfulio@jdpfu.com><br><b>To: </b>ale@ale.org<br><b>Sent: </b>Tuesday, October 4, 2016 7:13:47 PM<br><b>Subject: </b>Re: [ale] Tomcat Monitoring<br></blockquote></div><div data-marker="__QUOTED_TEXT__"><blockquote style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;" data-mce-style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><br><br>However, be certain to get them to disable the Xfinity wifi crap. I<br>watched the tech do it and the following day it was back on. Seems we<br>have to call and complain a few times until they alter the router setup<br>at their end to really disabled it.<br><br></blockquote><div>The biz tech replaced my supplied modem with theirs today. She knew her cable, but not layer 2 vs layer 3 and my issue with this new modem is that it is layer 3 type device. My original modem was just a "bridge". She told me to turn on "bridge" mode all I needed to do was disable DHCP and turn off firewall. No, not really. What I did was assign my router a static on 10.1.10.0/24 address that this modem is on and configure that static address for DMZ.</div><div><br data-mce-bogus="1"></div><div>Is this good enough to give me the benefits of layer 2 or should I just replace it with my own and send it back?</div><div><br data-mce-bogus="1"></div><div>With that DMZ it should just be DNAT/SNAT for everything on the public. Double NAT issues should not really cause a problem. I do something similar when I assign a lab device a public IP from my private net. On a system at Peak 10 I alias another public on its eth0. I run openvpn on the device with the 10.8.1.X subnet and then use DNAT/SNAT to "assign" that public to the device.</div><div><br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div></div></div></body></html>