Re: Representing internal server with 2 different Public IP

Hi Tyson-

I had this in a lab i created a while back. As far as reliability, it was enough for a student to get 2 points. :) When clients connect to the global outside addresses, it would be an un-translation on the ASA. If the server initiated traffic, I see how it may be questionable regarding which translation would be used for that traffic going outbound.

So, in short: lab only.

Best wishes,

Keith

> Keith,
>
> Did you find it reliable? In the past when I have used this I have seen
> communication forwarded from the wrong NAT? I found it to be inconsistent
> for a production service? Did you implement it in production or Lab?
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S, Security, and SP
>
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Keith Barker
> Sent: Wednesday, April 28, 2010 1:44 PM
> To: 'imran mohammed'; 'Cisco certification'
> Subject: RE: Representing internal server with 2 different Public IP
>
> Imran -
>
> I have done it before on the ASA with the following:
>
> access-list policy_nat_web1 extended permit ip host 192.168.100.50 any
>
> access-list policy_nat_web2 extended permit ip host 192.168.100.50 any
>
>
> static (inside,outside) 24.16.171.125 access-list policy_nat_web1
>
> static (inside,outside) 24.16.171.126 access-list policy_nat_web2
>
> Also, just looking at the responses, I see that Swap posted that same about
> an hour ago.
>
> Best wishes,
>
> Keith
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> imran mohammed
> Sent: Wednesday, April 28, 2010 6:36 AM
> To: Cisco certification
> Subject: Re: Representing internal server with 2 different Public IP
>
> Hi,
>
> The requirement is I need to represent internal server with 2 different
> public ip.
>
> Example
>
> When I hit the firewall 10.1.1.1 on outside it should redirect to 20.1.1.1
> (internal server)
> If I hit with 30.1.1.1 on outside it should redirect to same ip 20.1.1.1
> (internal server)
>
>
> Regards
> Imran
>
> On Wed, Apr 28, 2010 at 5:02 PM, imran mohammed
> <imran4cisco_at_gmail.com>wrote:
>
>> Hi All,
>>
>>
>> Is there any way we can represent internal server with 2 public Ip
> address.
>>
>> static (inside,outside) tcp 88.x.x.49 smtp 192.168.0.55 smtp
>> static (inside,outside) tcp 88.x.x.51 smtp 192.168.0.55 smtp
>>
>> The above command doesnt work.I know it doesnt make sense but that is the
>> requirement.
>>
>> I tried this as well doesnt work
>> static (inside,outside) tcp 88.x.x.49 smtp 192.168.0.55 smtp
>> static (inside,outside) tcp 88.x.x.51 2043 192.168.0.55 smtp
>>
>> Is there anyway to do this.
>>
>> Regards
>> Imran
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Apr 28 2010 - 18:10:21 ART