RE: Representing internal server with 2 different Public IP from Tyson Scott on 2010-04-28 (Ccielab archives 04/2010)

From: Tyson Scott <tscott_at_ipexpert.com>
Date: Wed, 28 Apr 2010 12:22:22 -0400

controlling based on connections seems very logical and feasible for sure.
The problem is in practice it isn't there.

(I was just razing you on the word ;)

Regards,

Tyson Scott

-----Original Message-----
From: Carlos G Mendioroz [mailto:tron_at_huapi.ba.ar]
Sent: Wednesday, April 28, 2010 12:04 PM
To: Tyson Scott
Cc: 'Jack Router'; 'Cisco certification'
Subject: Re: Representing internal server with 2 different Public IP

Right, sorry for the wrong word.
I don't see why it would require different interfaces though, although
the examples are written that way.

Again, from a conceptual point of view, this is doable (incoming conns).
If this is not configurable in ASAs or IOS based devices, it is because
lack of flexibility, and might be get done with some trick.

-Carlos

Tyson Scott @ 28/04/2010 12:29 -0300 dixit:
> Ahhh... but now you are speaking of a feature that is an IOS NAT feature,
> (the right word is extendable), which also requires some uniqueness to
> identify the traffic. IE different output interfaces on the router.
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S, Security, and SP
> Technical Instructor - IPexpert, Inc.
> Mailto: tscott_at_ipexpert.com
> Telephone: +1.810.326.1444, ext. 208
> Live Assistance, Please visit: www.ipexpert.com/chat
> eFax: +1.810.454.0130
>
> -----Original Message-----
> From: Carlos G Mendioroz [mailto:tron_at_huapi.ba.ar]
> Sent: Wednesday, April 28, 2010 11:22 AM
> To: Tyson Scott
> Cc: 'Jack Router'; 'Cisco certification'
> Subject: Re: Representing internal server with 2 different Public IP
>
> It should not be impossible to do it... as far as only incoming
> connections to the port are being natted. Isn't that what extensible is
> for ?
>
> -Carlos
>
> Tyson Scott @ 28/04/2010 12:12 -0300 dixit:
>> As what you are trying to do on the firewall is impossible move the
>> requirement back to the server. Configure a second IP on the NIC.
Search
>> Google for how to do this based on the operating system the server is
>> running. Both Linux and Windows support this feature.
>>
>> Next time put OT: <followed by subject> in the subject field. That is
the
>> courtesy requirement of group study. This is not related to the CCIE
> exam.
>> Regards,
>>
>> Tyson Scott - CCIE #13513 R&S, Security, and SP
>> Technical Instructor - IPexpert, Inc.
>> Mailto: tscott_at_ipexpert.com
>> Telephone: +1.810.326.1444, ext. 208
>> Live Assistance, Please visit: www.ipexpert.com/chat
>> eFax: +1.810.454.0130
>>
>>
>> -----Original Message-----
>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Jack
>> Router
>> Sent: Wednesday, April 28, 2010 10:27 AM
>> To: 'Cisco certification'
>> Subject: RE: Representing internal server with 2 different Public IP
>>
>> Still curious why you want to do this...
>> What about configuring the server with two internal IPs and then redirect
>> with two different rules on the firewall ?
>>
>>
>> -----Original Message-----
>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
>> imran mohammed
>> Sent: 28-Apr-10 09:36
>> To: Cisco certification
>> Subject: Re: Representing internal server with 2 different Public IP
>>
>> Hi,
>>
>> The requirement is I need to represent internal server with 2 different
>> public ip.
>>
>> Example
>>
>> When I hit the firewall 10.1.1.1 on outside it should redirect to
20.1.1.1
>> (internal server)
>> If I hit with 30.1.1.1 on outside it should redirect to same ip 20.1.1.1
>> (internal server)
>>
>>
>> Regards
>> Imran
>>
>> On Wed, Apr 28, 2010 at 5:02 PM, imran mohammed
>> <imran4cisco_at_gmail.com>wrote:
>>
>>> Hi All,
>>>
>>>
>>> Is there any way we can represent internal server with 2 public Ip
>> address.
>>> static (inside,outside) tcp 88.x.x.49 smtp 192.168.0.55 smtp
>>> static (inside,outside) tcp 88.x.x.51 smtp 192.168.0.55 smtp
>>>
>>> The above command doesnt work.I know it doesnt make sense but that is
the
>>> requirement.
>>>
>>> I tried this as well doesnt work
>>> static (inside,outside) tcp 88.x.x.49 smtp 192.168.0.55 smtp
>>> static (inside,outside) tcp 88.x.x.51 2043 192.168.0.55 smtp
>>>
>>> Is there anyway to do this.
>>>
>>> Regards
>>> Imran
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>

-- 
Carlos G Mendioroz  <tron_at_huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net

Received on Wed Apr 28 2010 - 12:22:22 ART

This archive was generated by hypermail 2.2.0 : Sat May 01 2010 - 09:49:57 ART