Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Through two ISP there are external inquiries to an internal resource in LAN

Whether It is possible to make static translation on router in that case:

there are two public IP addresses (from two providers), on each address the same port is used.

also there is a server in a private network with one IP and one port.

DMZ Server(Private IP:12222)<->ASA<->C2811(ISP1 IP:12222;ISP2 IP:12222)

Whether such configuration is possible?

Any help and/or recommendations are welcomed.

2 REPLIES
Gold

Re: Through two ISP there are external inquiries to an internal

Using a static NAT from 2 different ISP to a single inside machine is easy. Your problem is more the return traffic. You need to somehow make the traffic returning from the server to the user to go back out the same ISP as it came in from. By the time the packet gets to the end server all it has is its private address and the actually source address. Even it knew about both ISP routers it has no way to know which is better.

Hall of Fame Super Gold

Re: Through two ISP there are external inquiries to an internal

Hi,

You will find that when using NAT in IOS, returning traffic is not a issue. This is because the way NAT works, it builds "translations" that contains the outgoing interface, so everything should work fine with minimal configuration.

Of course this will require all the NAT config to be in the router, as opposed to the ASA for the proposed config.

(side note, ASA is a bit redundant when used with a well-configured router, but that is another issue).

Hope this helps, please rate post if it does!

104
Views
0
Helpful
2
Replies
CreatePlease login to create content