Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

bogus ip and real ip on same ethernet interface

hello,

i have a cisco 805 (1LAN 1 WAN) running ios 12.0(7)I

the lan is on a bogus ip range, and so the ethernet interface has a bogus ip, and we are

running a NAT.

now, one of our computers needed to have a global ip (to test an application where it had to

talk to a machine on the internet). so a global ip was configured on it.

however it did not use the local ip and local gateway to connect to the internet. therfore,

a real ip was configured for the cisco's ethernet interface as a secondary ip. this ip was

put as the computer's secondary gateway.

this way, the computer could connect to the internet. now the problem is that the other

computers which had the NAT configured, seems to have opened all the ports to those

machines.

for example, the web server had the port 80 opened through the NAT. now all its ports are

accessible from the internet.

can anyone throw any light on this?

i require the following:

1) the NAT to be intact

2) enable the computer with the global ip to get on the internet

3) computers on the internet should be able to directly access this computer with the global

ip

many thanks,

kaushal

1 REPLY
New Member

Re: bogus ip and real ip on same ethernet interface

The best way to do this is to have a static NAT translation configured for your server on the router. This means that the server can retain is private/bogus IP address along with all your browsing clients. On the router though, you need to map a public/internet IP address to that of the servers private/bougs ip address. Then, when internet users connect to the public address of the server, the router will translate and direct all connections to your servers private IP address.

.

This offer a mild increase in security as well !!!

.

Look on CCO for example of static NAT translations, a common example is that used for SMTP mail servers and WEB servers.

257
Views
0
Helpful
1
Replies
CreatePlease login to create content