Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How to configure static IPs from ISP

My ISP has provided me with a /24 block of static IP addresses. Can someone please point me in the right direction for configuring my network to use these public addresses. I would like machines on the LAN to be assigned an address from the block and allow connections from the internet to be routed to the particular machine that has been configured with public ip address.

Any help would be appreciated. Thank you.

  • WAN Routing and Switching
Hall of Fame Super Silver

Re: How to configure static IPs from ISP


The way that this is frequently handled is to put the public addresses into a block on the edge device (firewall or router) and to do address translation. End stations (both PCs and servers) on the inside network are translated to these public addresses as they go to the Internet. The servers that need to be accessible from the Internet would have static translations configured and the other stations would be translated dynamically.



New Member

Re: How to configure static IPs from ISP

Thank you for your quick response Rick. Our block is /24 and we would like to add some clients in the building and operate as a mini ISP for some of the offices. How would this change the configuration you described above?


Re: How to configure static IPs from ISP


As Rick mentioned, public ip addresses is usually put in the edge device (firewall or router).

Between you and your ISP, there should be a smaller subnet to use for your edge device, /30 or /29 perhaps and this /24 is routed from your ISP to your edge device.

Now, between your edge device and your clients, what is the network architecture? Is it L2 or L3? If it's only L2, then you will be doing the NAT to your edge device - you can still perform subnetting so that you can QoS your client bandwidth use using the subnet assigned to them. If it's a L3, then you have to assign subnets per client edge device and perform the necessary routing of subnet assigned to your client to their edge device - they may be managing their edge device.

To make it simple, you can setup the architecture between your edge device and your client and create a policy which is permitted and which not.