cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1386
Views
4
Helpful
7
Replies

Configure a server's WAN (exit) IP?

Brook Powers
Level 1
Level 1

We have cable internet with 5 assigned static IP addresses.

The UC-540 is assigned say 8.8.8.10

Our SBS 2011 server is assigned 8.8.8.11 with ports 25/80/443/3389 NAT'd to 92.168.10.10 on the LAN

All server (192.168.1.10) traffic must exit the network via 8.8.8.11 in order to eliminate multiple issues (email, vpn, etc).

Currently when I point the server's browser at http://whatismyip.com, the website returns the UC540 gateway IP of 8.8.8.10 in my example.

I need the website to return 8.8.8.11 instead.

Any help appreciated.

1 Accepted Solution

Accepted Solutions

Hello,

My apologies, I didn't provide you the correct instructions.

You first need to define the pool of available external IP addresses to use. In this case, just the 1 external IP for the server.

Then you need to create the NAT mapping where you tie the internal and external IPs. Make sure to set the NAT mapping for all ports.

Thanks,

-john

View solution in original post

7 Replies 7

johschaf
Level 4
Level 4

Hello,

You can do this in CCA under: Configure -> Security -> NAT. Then you need to define a NAT pool with the external IP and internal IP.

Thanks,

-john

Ive taken you advise and deleted, receated, restarted and still the same result.

Any ideas?

Hello,

My apologies, I didn't provide you the correct instructions.

You first need to define the pool of available external IP addresses to use. In this case, just the 1 external IP for the server.

Then you need to create the NAT mapping where you tie the internal and external IPs. Make sure to set the NAT mapping for all ports.

Thanks,

-john

John,

That worked. Thanks much.

The secret is to delete all the pools.

Then, create the new pools.

Finally to create the proper NAT mapping.

It may have helped to wr and restart the UC540 as well.

Cisco should make CCA apply in changes in the correct order in the next relase.

If I map the for all ports to make this work, isnt that a security issue?

It seems to me that I will have to put a firewall behind the UC540 firewall to protect the Small Business Server having having all ports exposed to the internet.

The UC540 has to be at the edge of the network to do QOS.

It would be kind of silly to put a firewall behind the UC540.

Does anyone have any ideas?

Hello Brook,

NAT settings are different from the ACL settings.

You may nat the external address to a certain internal ip but in the ACL on the WAN port you may allow only the needed traffic to pass.

HTH,

Alex

*Please rate helpful posts

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: