Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Connection on multiple WAN IP addresses-Cisco 2951

Hi guys,

I need help configuring my Cisco 2951 router with Z0ne-based firewall. This is the scenario I would like to configure.

I have two ftp servers,S1 and S2, behind the router which needs to be accessed by two groups of users, G1 and G2, from the outside, i.e., from the internet.

I have two public IP addresses, 152.12.164.203 and 152.12.164.204. The WAN interface of the router is configured with IP address 152.12.164.203. G1 needs to access S1 on 152.12.164.203 and G2 needs to access S2 on 152.12.164.204.

What are the steps in configuring the router if I need the above scenario to be implemented?

Thank you for your help!

Regards,

Vishal

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Connection on multiple WAN IP addresses-Cisco 2951

I think you need to assign the second public ip on the wan interface as a secondary ip. Same command but use secondary after, and then use static mapping to each of the 2 sites. You can use extended acl as the source for nat mapping to permit only ftp to those servers, and don't forget to permit other traffic if needed.

Eugen

5 REPLIES
Bronze

Re: Connection on multiple WAN IP addresses-Cisco 2951

Hi Vishal,

Have a read thru this

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f31.shtml

http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1cipadr.html#wp4593

And combine those with an extended ACL on outside interface to permit only those 2 networks to access ftp.

Eugen

New Member

Connection on multiple WAN IP addresses-Cisco 2951

Hi Eugen,

Thank you for your reply. I have a question: Do I need to configure a logical interface to allow my WAN interface which is on 152.12.164.203 to also use 152.12.164.204?Is a logical interface needed at all?

Thank you.

Kind regards,

Vishal

Bronze

Connection on multiple WAN IP addresses-Cisco 2951

I think you need to assign the second public ip on the wan interface as a secondary ip. Same command but use secondary after, and then use static mapping to each of the 2 sites. You can use extended acl as the source for nat mapping to permit only ftp to those servers, and don't forget to permit other traffic if needed.

Eugen

New Member

Re: Connection on multiple WAN IP addresses-Cisco 2951

Thank you Eugen. That was simple. It works fine.Wow,that's great!now i can enjoy my weekend!

Youhou!!

Thanks mate..

Kind regards,

Vishal

Date: Fri, 10 Feb 2012 20:37:00 -0700

From: supportforums-donotreply@supportforums.cisco.com

To: vishal90216@hotmail.com

Subject: - Re: Connection on multiple WAN IP addresses-Cisco 2951

Home

Re: Connection on multiple WAN IP addresses-Cisco 2951 created by eugen barticel in WAN, Routing and Switching - View the full discussion

I think you need to assign the second public ip on the wan interface as a secondary ip. Same command but use secondary after, and then use static mapping to each of the 2 sites. You can use extended acl as the source for nat mapping to permit only ftp to those servers, and don't forget to permit other traffic if needed.

Eugen

Reply to this message by going to Home

Start a new discussion in WAN, Routing and Switching at Home

Bronze

Connection on multiple WAN IP addresses-Cisco 2951

Glad to help

Please mark it as answered so other people looking for a solution can check it.

Eugen

716
Views
0
Helpful
5
Replies
CreatePlease to create content