Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

5510 Multiple Static IPs with PPPoE 1

Status
Not open for further replies.
ssjaken

ssjaken

IS-IT--Management
May 17, 2010
4
US
Hi everyone. I have a cisco 5510 router. The idea is we need to get this one server to be live on the internet with 3 separate IP addresses forwarding to the single address inside. We get to the cloud via PPPoE.

I am using the ASDM 6.3 manager. How would i get the 3 different ip address to become live and accessible with PPPoE. I thought that creating virtual interfaces and giving them static pppoe ip addresses and linking them to the main REAL interface that we would be able to get those live to the cloud. But so far i am unsuccessful.

secondly once the three additional addresses are live, i need to forward them to an internal address. Would it be best to make these rules in the NAT firewall or the ACL.
 
Sort by date Sort by votes
you should post this on the Cisco ASA forum

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
could i get a mod to move this for me then? i've been banging my head on this one for about a week and im super lost. any help would be so much appreciated
 
Upvote 0 Downvote
unfortunately, there are no forum admins here so you'll need to re-post. this is one of many features that the site should have

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Actually, you can NAT all inside servers to your outside interface, statically PAT---easiest way without wasting public IPs...

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
Upvote 0 Downvote
damnit Burt, now isn't the time for that!!! you're breaking the rules!!! :p

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Ha ha ha ha ha...

"If you don't know me by now...you will never ever ever know me...oooh oo oo oo ooooohhh..."lol

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
Upvote 0 Downvote
we got a block of 12 ip addresses from our ISP. The guys who wrote the software that runs on this server told me that this stuff needs to be super specific. Kind of a dick lol. 3 external ip's going to the same single ip on our network. Just different ports. SSH SIT PROD and STAGE protocols.
 
Upvote 0 Downvote
Well, they can be the same outside IP address simply because the protocol is specified anyway. For example, if I natted ssh (22), http (80) and https (443) all to the same server, to the same outside ip address (22.1.1.2), then each app is handled and sent differently...

PuTTy to ssh, ssh -l root 22.1.1.2
that tells the router, node or whatever is doing ssh to go to that ip address via that port. The ASA then translates that ip address and maps port 22 to the inside ip address.

I want to go to the secure website...


or say it's natted to port 8080...


see what I mean? I am not sure the commands in an ASA, but in a Cisco router, it would be

ip nat inside source static tcp 192.168.1.3 80 interface dialer0 80

that NATs the outside interface address (dialer0) to the inside ip address to port 80...port forwarding, or static NAT.

You can do this with one ip address or three public ip addresses---it makes no difference what the ip address(es) is (are), the protocol (layer 4) still needs to be specified when making the connection. Now lemme Google real quick...brb...

Crap...here's how to do it with ASDM...


OK---apparently it's a static statement...

static (inside,outside3) 12.1.1.3 192.168.1.3 netmask 255.255.255.255

that example is naming one of the interfaces "outside3". I think you can specify the port/protocol after the ip address...

static (inside,outside) 12.1.1.2 ssh 192.168.1.2 netmask 255.255.255.255

but again, the protocol would not matter in this case since each inside host has it's own outside address for translation, and the protocol gets specified by the sender.

@@@@@@@@@@@@@@@@@@@@@@---OR---@@@@@@@@@@@@@@@@@@@@@

You can just create a DMZ with the three ip addresses and not NAT anything.

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
Upvote 0 Downvote
thanks burt. i think just putting the server on the DMZ might be the most painless option. The guy who wrote the software was super specific on the firewall specifications. Its a record management server where people from all over the state go and....put records in hah.

another, how can i get the extra static IP's to authenticate on the internet. I cannot for the life of me figure out how to get these extra addresses to work.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

stanlyn
  • Locked
  • Question
HowTo Install Multiple PAP2T ATA Devices on Same Lan
Replies
3
Views
301
iggsterman
iggsterman
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
536
BIS
BIS
inlsp05
  • Locked
  • Question
2811 ios start with cf
Replies
0
Views
191
inlsp05
inlsp05
khashyar2021
  • Locked
  • Question
Problem with cisco switch after upgrading
Replies
1
Views
262
Geraldine Souza
Geraldine Souza
Collab_Guy
  • Locked
  • Question
Anyone using automation with their CUCM?
Replies
1
Views
191
kyle555
kyle555

Part and Inventory Search

Sponsor

Back
Top