04-20-2017 01:59 AM - edited 03-12-2019 02:14 AM
Hi ,
We are having a server which ip is 10.11.16.21 . We have already NAT it with 115.110.103.11 for the port no. from 80 to 90 . It’s working fine .
Now, we need to map the above mentioned internal ip (10.11.16.21) with the other public ip 115.110.103.14 for the same port no. (80 to 90) . It’s a requirement from our client .
Sample commands executed :
When we execute the 2nd command,it shows an error “duplicate of existing static” .
Kindly guide , how could we do this .
Thanks in Adv. :)
04-20-2017 03:56 AM
A given host can only have a single static NAT for a given port number.
Otherwise how would the firewall know which one to use?
04-20-2017 09:20 PM
Thanks Marvin for reply .
Actually , we want to implement a redundant NAT . Coz , server receives the data from modem . We configure both the public IPs on modem .
Previously this config. was implemented on other firewall called 'Cyberoam' & it was working fine . Now . we are moving it on to cisco FWSM .
04-21-2017 02:57 AM
I don't know what a Cyberoam is but you cannot configure it the way you are trying using a Cisco FWSM.
If you could provide a more complete system explanation we might be able to suggest an alternative.
04-22-2017 04:24 AM
Marvin ,
Can we do one thing . Assign 2 ip addresses to the server of same range viz.10.11.16.21 & 10.11.16.22 . And then map these 2 internal ip addresses with the 2 public ip addresses .
04-22-2017 06:44 AM
That would be ok on the firewall. On the server however, one or the other address would be in use at a given time unless you did some hack of the host routing table.
Its all a bit of a hack - if we knew the overall architecture and requirements we might be able to suggest a more elegant and supportable solution.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide