cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3011
Views
0
Helpful
5
Replies

NAT - 2 Public IP's to 1 Internal IP

Zubair.Sayed_2
Level 1
Level 1

Hi members

Is it possible to perform a NAT whereby I have 2 public IP's and they need to NAT to the same Internal IP?

If this is possible how can it be done because I have tried and dont think this can be done.

Thanks

Zubair

5 Replies 5

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

Could you please provide the purpose of this kind of setup?

What software level are you running on the firewall? 8.2 and earlier OR  8.3 and after?

You can NAT a single local IP address to many public IP addresses with Policy NAT. But in a Policy NAT setup you have to define the remote/destination networks for which the local IP address is visible with the mentioned public IP addresses.

If you can clarify your setup that would require such a NAT configuration I could give you an example.

- Jouni

Journi,

Thanks for the reply.

Basically we have our companies web server and a benchmark server and these will be intergrated into 1 server now.

Currently we have 2 public IP's going to 2 seperate internal ip's.

Traffic can come from anywhere on the Internet to these servers.

Assume the public ip's are 217.1.1.1 and 217.1.1.2 and the internal private ip is 10.1.1.1

Hope this is what you were after.

Z

Hi,

I think the setup would only work if you knew the source address/network where people were connecting to each of the public address.

For example

If you knew that network 2.2.2.0/24 would connect to IP1 and network 3.3.3.0/24 would connect to IP2 you could easily configure a Policy NAT

Is it possible for you to list the services (TCP/UDP port numbers) that need to be reached from the Internet for each of the servers that have not yet been combined?

Can you also mention the software version running on your firewall? I presume you either have a PIX or ASA since you are writing on these forums

- Jouni

I wont know the source because this is the company webserver so source could from anywhere in the world.

I suppose the Policy NAT will work well if you know the source IP only.

We using ASA with version 8.2

Thanks

Z

Hi,

I'm wondering if it would be possible to use port forwarding to achieve what you are trying.

- Jouni

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: