Multiple IPs

[teqmem]

Hello,

I have a Windows 2003 Server that uses a NAT IP. I have a requirement to write web service client programs that will run on this server and connect to a remote server on port 443. The remote firewall administrators told me that since I have a NAT IP, they can't allow my traffic into their network. So we plan to buy a static IP and install it on our server.

My question is that even if I install a static IP and have the remote administrators allow this IP in, how can I ensure that the packets from my programs use the static IP and not the NAT IP so the packets would be allowed into the remote network.

I can't remove the NAT IP as it has DNS links and would require a lot of paper-work and approvals.

Thank you.

 

[TheLad]

I presume that you are using IIS? If this is the case, you can configure the IIS website to use a specific IP address (I assume other web services have the same functionality). In this case it would be your static IP.

View the Properties of the website to see what needs configuring.

--------------------------------------
"Insert funny comment in here!"
--------------------------------------

 

[TechyMcSe2k]

Sounds like you are talking about a static public IP on the outside of your router/firewall. Your PAT (PAT=port IP translation) should send all traffic coming in to the public IP to your server (which would be a manually set internal IP by the admin). The traffic coming out of your network would then be revese translated from your internal server IP to the outside Public IP (NAT)and then proceed on to your remote server and it would tell the remote site that your traffic was originating from the Public IP and not an internal private network NAT address.

Network Address Translation (NAT) is used for "outbound" connections,
translating network messages on the private LAN to those that can go
to the internet. A computer on the private LAN can initiate
connections to the internet (and replies get through), but a computer
on the internet cannot initiate a connection to a computer on the
private LAN.


Port Address Translation (PAT) is used for "inbound" connections,
routing internet messages for a specific address and port to a (or a
few) computer on the private LAN. For example, if you have an "always
on" network connection and a SoHo firewall, you can set it up to route
http (web) accesses to a web server on the private LAN, and smtp
(email) accesses to an email server on the private LAN.


________________________________________
Achieving a perception of high intelligence level can only be limited by your manipulation skills of the Google algorithm!

 

[teqmem]

It is still not clear to me which IP the remote network would see if my local server has a NAT IP and an static IP.

For testing, I used a similarly configured workstation to connect to a whatismyip-like web site. It showed that the IP it saw belongs to a gateway. However, this is a government network so there are several gateways and anyone could be used.

 

[TechyMcSe2k]

The static IP is what the admin "physically" adds to the NIC card. When that NIC is set; you specify the gateway. That gateway is usually a router of some sort. if this router you find is directly attached to the internet, such as a cable modem at home, then that router will have an outside IP address where the Internet comes into that router. This is called the outside interface. If you do not know, or cannot access this router to find out this information or if it is even a static Public IP provided by your ISP; then I suggest you contact whoever maintains those government routers. If you can, you need to configure WITHIN the router configuration your PAT address translation and your NAT translation.

________________________________________
Achieving a perception of high intelligence level can only be limited by your manipulation skills of the Google algorithm!