Two diffierent blocks of public IP Addresses from ISP

Unanswered Question
Feb 10th, 2009

I have a block of IPs from ISP that are currently in use. I have received a second block of IPs for additional use. However, I need assistance in adding new route to allow my current network to communicate to new IP Block.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Richard Burts Tue, 02/10/2009 - 11:27


We could give better answers if we knew a bit more about your network. What kind of device are we talking about (router, layer 3 switch, ASA/PIX)? What is the topology of the inside network? What is the routing logic and protocol used inside the network? Are you translating addresses of the first block on your outside device or somewhere else? Do you want to translate the second block in a similar way?



jim_berlow Tue, 02/10/2009 - 13:17

What...more info please? Leo I can't follow what you are attempting to do.


lgsecurity1st Tue, 02/10/2009 - 14:27

i am using a 1720 router. My internal ip is a class A network (10.51.x.x). my firewall is translating my internal IPs to my public IPs provided by my ISP. My current block of IPs is is my internal FastE. My ISP interface is is my S0. I only have an ip route of in order for any of my internal IPs to access the internet. I need assistance on how to add another route for my internal IPs to access the new block of IPs

Richard Burts Tue, 02/10/2009 - 20:15


Thanks for the additional information. Just to be sure that I am understanding it correctly here is part of what I think you told us. You have a 1720 router whose serial interface connects to the ISP using a public IP address (in a separate address block), and the FastEthernet interface connects to a firewall and your inside network using an address in the block that the ISP assigned to you. The router FastEthernet interface has a public IP address from the provider (and I assume that your firewall has another public IP address in that subnet). The firewall is translating traffic from the private addresses in your network into the public addresses provided by your ISP. If any of this is not correct please provide corrections.

Perhaps some details about how your firewall is functioning would help. Are there servers in your internal network that are being statically translated into public addresses (which makes them reachable from the Internet)? Is there a pool of addresses which the firewall uses for dynamic NAT? Is the firewall performing PAT to translate inside addresses using its outside interface address?

And it would be helpful to know how you intend to use the new address block from the ISP. Are there servers that you would like to do static NAT using the new address block, so that they are reachable from the Internet? Do you want to establish a new address pool so that the firewall can do dynamic NAT for inside addresses using the new pool of addresses?

Having asked these questions, one thing becomes a bit more clear to me. Your original post (and to some degree this most recent post) have asked about how to establish a new route (to the outside ISP). I do not believe that you need an additional route. The existing static default route, which you mention in this post will continue to work just fine as you start to use the new address block.

I believe that the real question for you is how do you want to use the new address block (what kind of translation do you want to do with it) and not how to set up a new route.



sujitkr7cisco Sun, 02/15/2009 - 10:48

you can use simple static route on inter rnet router with your lan s interide face to the router i.e,

iproute A.b.c.d fastinerface 0/1.

and jus use nat on firwall if firewall is in network.



Paolo Bevilacqua Sun, 02/15/2009 - 11:04

Here above an example of static route that should NEVER be done, pointing to a LAN interface instead of next-hop. That causes router to ARP for all destinations, usually resulting in very poor performances.

Sujeet, please make sure you have full command of the matter before answering, not to mention the many spelling errors. You can generate confusion and cause readers to mae mistakes.

sujitkr7cisco Mon, 02/16/2009 - 11:28

lol, you can check....... and thanks for suggetion, I will take care.

Thanks ,



This Discussion