Access server from remote site via routers and firewall

Answered Question
Nov 15th, 2010
User Badges:

Hi!


As per the diagram, each remote site will need to access the server situated in the main site.

I have configured the routers and firewall.

Please check if this configuration will work.

See attached the configurations and diagram.


Regards,


Alvin

Correct Answer by apothula about 6 years 8 months ago

Hi Alvin,


Did it resolve the issue.


If so, please mark the issue as resolved so that we can give way to newer discussions.


Cheers,


Avinash.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
apothula Mon, 11/15/2010 - 04:51
User Badges:
  • Bronze, 100 points or more

Hi Alvin,


global (outside) 3 10.0.0.30 netmask 255.255.255.255
nat (inside) 3 ServerIP 255.255.255.255


What is this for ?


Also, at the remote site you should be adding a route for the Server IP address specifying the Main Router's IP address as the next hop.


Cheers,


Avinash.

net buzz Mon, 11/15/2010 - 23:19
User Badges:

Dear Avinash,


In the remote site router I have already added the network route:


ip route 172.30.4.1 255.255.255.255 192.168.1.1


where 192.168.1.1 is the WAN IP address of the main router.


The ip nat inside source static 10.0.0.31 172.30.4.1 is supposed to NAT the 10.0.0.31 IP to 172.30.4.1 IP.


Are the global (outside) 3 10.0.0.30 netmask 255.255.255.255 and nat (inside) 3 ServerIP 255.255.255.255 not necessary to permit the server to connect to the remote sites.


Regards,


Alvin

apothula Mon, 11/15/2010 - 23:32
User Badges:
  • Bronze, 100 points or more

Hi Alvin,


You already have a static translation configured for the server.


So, the nat global statements are not required.


Also, please be informed that dynamic pat (nat & global) is unidirectional.


Cheers,


Avinash.

net buzz Tue, 11/16/2010 - 01:43
User Badges:

Ok Avinash.

But I still need the ip nat inside source static 10.0.0.31 172.30.4.1 command to further translate the server IP from 10.0.0.31 to 172.30.4.1 and then configure the remote router with the ip route 172.30.4.1 255.255.255.255 192.168.1.1.


Regards,


Alvin

Correct Answer
apothula Wed, 11/17/2010 - 00:53
User Badges:
  • Bronze, 100 points or more

Hi Alvin,


Did it resolve the issue.


If so, please mark the issue as resolved so that we can give way to newer discussions.


Cheers,


Avinash.

Actions

This Discussion