Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
363
Views
0
Helpful
1
Replies

PATing Multiple public IP's

meofcourse
Level 1
Level 1

‎01-03-2008 03:26 PM - edited ‎03-05-2019 08:16 PM

Hi,

We have received from our ISP multiple ip addresses. We want to move one of our web servers to this location, however we already have a web server from a different domain here. The DNS all make sense, how ever what doesn't make sense is how to configure the PAT to allow all the web requests on ip address to go to the one server, and all the other requests to go to the other server. We tried to create a secondary ip address on the public interface, to accomplish this.

The ACL's for the pat are as follows:

access-list 2 remark SDM_ACL Category=2

access-list 2 permit 10.10.50.0 0.0.0.255

access-list 3 remark SDM_ACL Category=2

access-list 3 permit 10.10.30.0 0.0.0.255

access-list 3 permit 10.10.10.0 0.0.0.255

access-list 3 permit 10.10.60.0 0.0.0.255

access-list 3 permit 10.10.20.0 0.0.0.255

The NAT Configuration is a follows:

ip http server

ip http access-class 4

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat pool X.X.X.42 X.X.X.42 X.X.X.42 netmask 255.255.255.0

ip nat pool X.X.X.22 X.X.X.22 X.X.X.22 netmask 255.255.255.0

ip nat source static udp 12.12.12.1 3389 interface FastEthernet0/0 3389

ip nat inside source list 2 pool X.X.X.42 overload

ip nat inside source list 3 pool X.X.X.22 overload

ip nat inside source static tcp 10.10.10.151 80 interface FastEthernet0/0 80

ip nat inside source static tcp 10.10.30.1 3389 interface FastEthernet0/0 4003

ip nat inside source static tcp 10.10.30.2 3389 interface FastEthernet0/0 4000

ip nat inside source static tcp 10.10.20.2 3389 interface FastEthernet0/0 4001

ip nat inside source static tcp 10.10.10.2 3389 interface FastEthernet0/0 4004

ip nat inside source static tcp 10.10.10.151 9000 interface FastEthernet0/0 9000

ip nat inside source static tcp 10.10.10.151 110 interface FastEthernet0/0 110

ip nat inside source static tcp 10.10.10.151 143 interface FastEthernet0/0 143

ip nat inside source static tcp 10.10.10.151 25 interface FastEthernet0/0 25

ip nat inside source static tcp 10.10.50.23 80 X.X.X.42 80 extendable

The public interface is a follows:

!

interface FastEthernet0/0

description $ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$$FW_OUTSIDE$$ETH-LAN$

bandwidth 4096

bandwidth receive 4096

ip address X.X.X.42 255.255.255.0 secondary

ip address X.X.X.22 255.255.255.0

ip verify unicast reverse-path

no ip redirects

no ip unreachables

no ip proxy-arp

ip nbar protocol-discovery

ip flow ingress

ip flow egress

ip nat outside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

no mop enabled

!

Is there any one who can shed some light on this?

Thanks

Labels:
0 Helpful
1 Reply 1

owillins
Level 6
Level 6

‎01-09-2008 01:01 PM

You can enable PATing for the inside users.

Here are the commands we can enter in such case:

nat (inside) 100 x.x.x.x 255.255.255.0

global (outside) 100 y.y.y.y

x- network address

y - public address

for the outside initate you should enabel separate commands.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card