i have small company ...all servers

Toggle sidebar Toggle sidebar
M

mahesh561

Honorable
Dec 2, 2013
9
0
10,510
Dear sir/madam

i have 5 public ips....
my connections
router(cisco router 1941)->firewall(asa 5505)->switch -> server

i want this method

(public ip )router (local ips)->(which ip )firewall(which ip )->switch-> server (public ip )


my problem is
we want to give public ip to the server

how to do ?
please help ..me




 
Solution
S
(Public IP)router (Public IP - the /29 you got from your ISP)->(Public IP )firewall(Private IP )->switch-> server (Private IP )

You need to then use NAT on the firewall to forward incoming connections to the server. It's that simple.
Sort by date Sort by votes
S

sg4rb0

Honorable
Dec 4, 2012
214
0
10,760
(Public IP)router (Public IP - the /29 you got from your ISP)->(Public IP )firewall(Private IP )->switch-> server (Private IP )

You need to then use NAT on the firewall to forward incoming connections to the server. It's that simple.
 
Upvote 0 Downvote
Solution
S

sg4rb0

Honorable
Dec 4, 2012
214
0
10,760
OK. Keep to my suggestion, use the 5 public on the router's LAN interface.

You need to ask your ISP to use this as a routable subnet. Basically they should provide you with a /30 on the routers WAN interface, and a /29 for the routers LAN interface.

If they do not do this, then you will need to use ip unnumbered command, like this.

interface dialer1
ip unnumbered fa0/0 (or whatever the LAN interface is)
exit
wr mem

 
Upvote 0 Downvote
M

mahesh561

Honorable
Dec 2, 2013
9
0
10,510
@sg4rbo

thank u sir


i done configuration cisco router
wan interface
(config-if)#ip address 103.15.60.140/30
(config-if)# no shutdown
after lan interface
(config-if)# ip address 103.15.60.141/29
getting error overlap 103.15.60.0....
please how to do ..
send the my mail id
madudhula.mahesh@ymail.com

please help me i am fresher ...



 
Upvote 0 Downvote
S

sg4rb0

Honorable
Dec 4, 2012
214
0
10,760
Let's say the WAN interface = fa0/1
Let's say the LAN interface = fa0/0

#interface fa0/1
#no ip address
#interface fa0/0
#no ip address
#ip address 103.15.60.141 255.255.255.248
#no shut
#int fa0/1
#ip unnumbered fa0/0
#no shut
#end
#wr

At the minute, I just tested, and it appears you have the IP address actually on the WAN interface, so make sure you use my config and see if it works (i'm not 100% sure it will, but it will be a workaround worth trying rather than trying to get another /30 from the ISP for your wan interface)
 
Upvote 0 Downvote
B

bill001g

Titan
Aug 9, 2012
28,279
2,741
125,640
Don't use a interface based nat command. Just put in static nat entries for the address.

First build a network with all private addresses in the back and be sure it works.

Lets say you use 10.18.1.5 and 172.18.22.8 for your server addresses...you have a very complex network :)

Now lets say you have the subnet xxx.xxx.xxx.1/29. and you want to use xxx.xxx.xxx.2 and xxx.xxx.xxx.3 for these 2 servers.

You put in a static nat IP NAT INSIDE SOURCE STATIC 10.18.1.5 xxx.xxx.xxx.2 and IP NAT INSIDE SOURCE STATIC 172.18.22.8 xxx.xxx.xxx.3

Now the only other tricky bit is you will need to put in some dummy static routes to cause the returning traffic to go correctly. Routing is done before NAT on traffic coming from the outside. So even though it overlaps your port you put in
IP ROUTE xxx.xxx.xxx.2 255.255.255.254 ??.??.??.?? (whatever your firewall address is)

Note I am being tricky here you can of course use 2 /32 routes.
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom