2 Real IP addresses in same subnet on 2 interfaces for VPN (Same router)

Unanswered Question
Apr 29th, 2007

Here is what I am trying to accomplish, if someone could provide me with suggestions on how to create this configuration, I'd greatly appreciate it. I can manage the cisco IOS, but I think what I'm trying to accomplish here is advanced beyond my current knowledge. Thanks!

My router has a Wic with an IP address that is connected to my ISP. I've been given static external ip addresses x.x.x.1 with subnet 255.255.255.240. I have 2 internal LANs 10.4.2.0 255.255.255.0 and x.x.x.8 255.255.255.248 (whose addresses are being used internally, but fall within the external IP block from the ISP).

What I need is for internal network 10.4.2.0 to forward packets out external IP address x.x.x.2 255.255.255.240, and for internal network x.x.x.8 255.255.255.248 to forward out external address x.x.x.3 255.255.255.240.

Currently what I had setup was 1 cisco 1720 router with the ISP address on the wic, and 1 fastethernet port with external address x.x.x.1 255.255.255.240.

Connected to the 1720 fastethernet I had a hub, with one cable going to a linksys on IP x.x.x.2 255.255.255.240 and internal LAN ip 10.4.2.0 255.255.255.0. I had another cable going to another linksys, with an external IP x.x.x.3 255.255.255.240 and internal LAN ip x.x.x.8 255.255.255.248.

This has been a mess and the linksys vpn routers are not very business oriented. Because the cisco 2620 has so many available ports, and the vpn security bundle, I would really like to remove both the linksys routers, and use just the cisco 2620 to handle my network routing. However, because the 2 external addresses I?m trying to use are on the same external subnet, and because 1 of my internal lan?s falls within the same subnet as the external IPs also, I?m at a loss for what to do.

Just as a side note? I inherited this network mess from the previous network admin? because client VPNs are involved, I need to try and keep the network LAN ip?s the same? and the external ones as well? Otherwise, I probably would have thrown this whole thing out the door and designed it from the ground up.

Cisco 2620 router with VPN/K9 bundle. IOS 12.0

My router has 1 (T1) Wic, 1 FastEthernet, and 4 ethernet ports.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mohammedmahmoud Sun, 04/29/2007 - 23:28

Hi there,

Looks like we can do it via PBR, but can you attach a network digram, via visio if available.

BR,

Mohammed Mahmoud.

aloerch Mon, 04/30/2007 - 04:35

Yes I absolutely can do that. It will take a couple hours from now before I can access the diagram to put up here.

aloerch Mon, 04/30/2007 - 06:37

Here are 2 visio diagrams. The one named "Current.vsd" is our current layout, the second, "Goal.vsd" is something along the lines of what I need to accomplish, if possible. Thank you!

Attachment: 

Actions

This Discussion