11-30-2007 01:59 AM - edited 02-21-2020 03:24 PM
hello all
I have 3 site connected with vpn IPSec. clients of each site are connected to SQL DB on serverX. Some time is needed to drop the serverX and to connect all clients to server on site 2. What i want to do is to configure a static nat for this serverY and to have all clients still connected on this Ip of 192.168.40.3.
Any advice, any example will be appreciated.
Thank you
ADI
11-30-2007 11:19 AM
Hello. Can you please clarify the question?
You want to decomission serverX and use serverY instead -- but still use the same IP address that was on ServerY?
Or did I completely misunderstand the question?
12-01-2007 10:22 AM
hello.
At the three sites we have users that are using a application connected to MSsql DB on serverX through tcp/ip. For maintenance reasons we need to drop these one and have to make a new connection to serverY. All clients points to ServerX , using nat on respective routers connected with VPN is it possible to translate the serverY IP with static nat to the serverX's Ip? It is clear that clients on second site will not use this one but the other two site may have the possibility to profit by nat.
regards.
12-02-2007 05:40 PM
Ok, I understand now. What you want to do is change the destination IP address in the packet -- essentially re-directing the packet.
This is called DNAT or destination NAT and can be done with a Cisco PIX or ASA http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml or most any firewall device.
You will need to see if you can do it with your router. I do not know if this function is available on the router.
12-03-2007 08:03 AM
the routers have these possibility but i have try to do that but till now without successes
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml
regards.
12-04-2007 08:42 AM
The configuration in that article only shows how to perform source NAT -- the "regular" type of NAT that is commonly used to hide (the source address of) multiple private IPs behind (the source address of) one or more public IPs.
This is not the type of NATing you want to do. I don't think you can do DNAT with a router. I am unable to find a configuration on how to do this. You may need a firewall to do this. Sorry I can't be of more help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide