Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Same IP on different interfaces

I have strange situstion in wich same IP address can come on two different interfaces. One interface is location primary link end on second interface is backup link. Server to wich clients have to access is on third interface. Is it possible to configure fw so it will accept trafic from address A on both incoming interfaces?

Thanks!

3 REPLIES

Re: Same IP on different interfaces

I am not too sure what you mean .. can you explain a bit more .. what do you mean by the same IP comming on two different interfaces ..? is the IP address on the Public internet which can access your internal server by two ISP links .. ?

If this is the case then there is not problem just apply the accesslist to the respecive interface .. i.e

access-group 100 in interface1

access-group 100 in interface2

access-list 100 permit host X.X.X.X host y.y.y.y

access-list 100 permit host X.X.X.X host z.z.z.z

you will need 2 static nat one per each interface

static (inside,interface1) y.y.y.y PrivateIP1 255.255.255.255

static (inside,interface2) z.z.z.z PrivateIP2 255.255.255.255

where PrivateIP2 is a virtual IP or a secondary Ip of your internal server.

is this clear to you ..?

New Member

Re: Same IP on different interfaces

I have primary link for location on interface A subnet. When location lose primary link it dials into ISDN router wich is on interface B subnet. So I have situation that one subnet, from location, can come to fw on two interfaces, A and B. Server is on interface C and client address needs to be translated to some address on interface C, always same address, not depending on source interface, A or B

Re: Same IP on different interfaces

You would need to use dynamic routing (OSPF or RIP) because static routes would violate anti-spoofing (reverse-patch verify).

Your two "outside" PIX interfaces would need different IP addresses and therefore different static NATs, unless you used policy NAT somehow.

127
Views
0
Helpful
3
Replies
CreatePlease to create content