How to configure static IPs from ISP

Unanswered Question
Feb 11th, 2008
User Badges:

My ISP has provided me with a /24 block of static IP addresses. Can someone please point me in the right direction for configuring my network to use these public addresses. I would like machines on the LAN to be assigned an address from the block and allow connections from the internet to be routed to the particular machine that has been configured with public ip address.

Any help would be appreciated. Thank you.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Mon, 02/11/2008 - 10:58
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


The way that this is frequently handled is to put the public addresses into a block on the edge device (firewall or router) and to do address translation. End stations (both PCs and servers) on the inside network are translated to these public addresses as they go to the Internet. The servers that need to be accessible from the Internet would have static translations configured and the other stations would be translated dynamically.



ram13cisco Mon, 02/11/2008 - 11:03
User Badges:

Thank you for your quick response Rick. Our block is /24 and we would like to add some clients in the building and operate as a mini ISP for some of the offices. How would this change the configuration you described above?


Danilo Dy Sat, 03/01/2008 - 19:34
User Badges:
  • Blue, 1500 points or more


As Rick mentioned, public ip addresses is usually put in the edge device (firewall or router).

Between you and your ISP, there should be a smaller subnet to use for your edge device, /30 or /29 perhaps and this /24 is routed from your ISP to your edge device.

Now, between your edge device and your clients, what is the network architecture? Is it L2 or L3? If it's only L2, then you will be doing the NAT to your edge device - you can still perform subnetting so that you can QoS your client bandwidth use using the subnet assigned to them. If it's a L3, then you have to assign subnets per client edge device and perform the necessary routing of subnet assigned to your client to their edge device - they may be managing their edge device.

To make it simple, you can setup the architecture between your edge device and your client and create a policy which is permitted and which not.




This Discussion