Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
355
Views
0
Helpful
1
Replies

servers with Public IP behind CSS

evfodor
Level 1
Level 1

‎06-06-2006 02:35 AM

I have a customer who has several FTP servers behind a css. Some of them has private Ip addresses some of them has public IP addresses. He need to NAT the private IP addresses to a VIP address, but he want to reach public Ip address's servers, with their public IP (without NAT). How can he do that? (with acl and source group?)

Thanks,

Eva

Labels:
0 Helpful
1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

‎06-08-2006 03:04 AM

Eva,

the CSS is also a router, so everything behind it is by default accessible using their ip addresses.

So, there should be nothing special to do for the servers with public ip [just make sure routing in your network is learning the route to the servers through the CSS].

For the other servers, do you need to access each one of them separately ? If so you will need one content rule for each server. This is how nating is done.

If you do not need to access them, but want to loadbalance, then you need 1 content rule and list the servers under this rule.

For connections opened by the server, the same question applies - do you need one-to-one or many-to-one.

Usually, we go for many to one.

All you need then is a group to nat the server initiated connections.

ie:

group ServerNat

vip x.x.x.x

add service FTP1

add service FTP2

...

active

Regards,

Gilles.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card