Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
0
Helpful
2
Replies

ADSL termination w/ multiple IP address and NAT / DMZ ?

shahedvoicerite
Level 1
Level 1

‎01-08-2007 08:26 AM - edited ‎03-05-2019 01:39 PM

Hi,

I have a 2811 router with 2 FastEthernet ports and plan to add a ADSL card.

I have a block of 16 ip address on the ADSL line.

What I want to achieve is

1. One FastEthernet interface (with subinterfaces) is connected to the local VLAN's

2. The router should have a public IP address so that it can terminate VPN clients / perform NAT for the internal networks.

3. I now also have several servers that need Public IP addressess to be connected to the router.

If I terminate my ADSL ISP on the Dialer0 interface, and give it an IP address, I assume I cannot assign an IP address in the same subnet for one of the FastEthernet ports ?

(If I could, then I could plug that interface into a switch and connect my hosts to the switch)

In such a case, Do I have to setup a DMZ ? I dont want to perform NAT/PAT to be able to access the hosts with public IP addresess.

Thanks

Labels:
0 Helpful
2 Replies 2

spremkumar
Level 9
Level 9

‎01-08-2007 08:46 PM

Hi Shahed

If you are having same ip being assigned to you by your SP on the ADSL connection then you can have your VPN Clients logging onto the router using that ip.

If you are not getting the same ip all the times then better make the clients to get the vpn established to your ethernet interface assigned with the public ip taken from the ip pool..

I also would suggest to create access-lists so that you allow the vpn clients to access only the limited resources and not all of them..

regds

0 Helpful

shahedvoicerite
Level 1
Level 1
In response to spremkumar

‎01-08-2007 11:53 PM

Hi Premkumar,

I think you misunderstood my main problem.

I want to be able to host a web / dns server with a public IP address, as I already have 16 IP addresses allocated to me.

After a bit of reading, I found out that I can do the following :-

1. For my public web servers use Static NAT

2. Additionally put them in a DMZ for added security.

The only thing that I wanted to avoid, was using static NAT.

My old ISP provided me with a ADSL modem, with a 4 port switch. I could simply plug in devices, and give them public addresses, from my allocated pool.

I was wondering if I could do the same if I terminated the ADSL on a router, but it looks unlikely, and I guess I would have to use static NAT.

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card