I have a 1721 and a 1720 connected through their serial interfaces over a T1 connection. The internet is on the Fa0 interface of the 1721 and the Fa0 interface of the 1720 is in my LAN. Previous to this we had a Linksys router connected right to the internet. I had a server in the DMZ of that router so that when I hit the public IP address the server would respond.
Now that we've gone to this new set up I have lost the DMZ ability, Is there a way to configure these routers to either forward ports to a specific IP or to put an internal machine in the DMZ.
The way it would have to work if this is possible is to put the 1720 router in the DMZ of the 1721 and the internal machine in the DMZ of the 1720.
AFAIU from your post both the routers are placed in the same LAN connecting to different locations via T1.
Also the 1721 is acting as the Gateway router for you to go out to the outside world.(Since you got to have the internet connection on the ethernet port of the 1721 router).
I feel you can deploy the necessary CBAC functionalities in this box (1721) in which the internet link is terminated and do a simple nat based on the port no.
if you are using up or hosting the service in the normal port (80) you can just map the port number of the internal server ip to your external public ip (either spare public ip or to your ethernet ip itself).
ip nat inside source static tcp x.x.x.x 80 y.y.y.y 80
x.x.x.x being your servers ip address and y.y.y.y being your public(external) ip address which can be reached from the outside world.
do replace the port values accordingly as per your current hosting service port nos there.
if this doesnt solve your purpose do revert back..
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...