Bridging static IPs from SMC8014 gateway to internal routers
My problem is all over the Web in various forums, but there seems to be no clear answer.
I just switched form a single static IP adress to a block of five. Previously, I had a router connected to the SMC8014 gateway, with several ports forwarded to a server and other hosts on an internal network. The WAN info on the router was set to the Comcast-provided publicly routable IP address. When scanned form outside my network, my services showed up on the this IP just as if the server were connected directly to the Internet, and I had highly configurable firewalling. Good!
However, now, with five publicly-routed IPs available, the same scenario should work for each IP, right? It doesn't. If I connect gateway--router--server, and scan the IP address from outside my network, I see the (hidden) ports on *the SMC8014*. My server is invisible, even though it does have outbound connectivity to the Internet.
On the other hand, if I connect the server directly to the SMC8014, and set the network info on the server to the publicly routed static IP, and restart networking, the server is perfectly visible from the Internet. And perfectly un-firewalled! This is certainly interesting, but NOT GOOD.
The settings on the SMC8014 are verified by Comcast as being correct -- no firewall, no DHCP -- so it is acting as a bridge more or less. Oddly, its behavior seems to change depending on what is plugged into the LAN ports, as described above. I've tried several routers I have lying around and gotten the same results. So what is going on?