07-13-2002 11:24 AM - edited 03-01-2019 11:51 PM
is it possible for a router say 2600 series to based its routing decision on the incoming ports used?
eg.
1 if the incoming traffic is smtp/pop3, route it to mail server with ip address X on the LAN
2. And if the incoming traffic is http, route it to the www server with ip address Y on the LAN
Both X and Y are on the ethrnet side of the router and are of private addresses....The obvious purpose of which is to use a single public IP address which is just on the serial side of the router to allow both http pop3/smtp access from the outside...the services are provided by the X and Y servers on the LAN.
thx.
07-13-2002 04:35 PM
http://www.cisco.com/warp/public/556/9.html
Configure static NAT mappings on the router to direct traffic differently for different TCP ports. For instance:
ip nat inside source static tcp 10.0.0.2 25 200.14.15.2 25
ip nat inside source static tcp 10.0.0.2 110 200.14.15.2 110
ip nat inside source static tcp 10.0.0.3 25 200.14.15.2 80
Where 10.0.0.2 is your mailserver, 10.0.0.3 is your webserver, and 200.14.15.2 is your single public IP address.
07-15-2002 08:18 AM
For those of you who are looking for the documentation on this feature, this is called "Port Address Translation" and it works beautifully.
The only problem with PAT I ran into was actually on a PIX with 6.2. I found that I could not find a way to port map the PIX's outside interface to an internal windows 2000 VPN server. The reason for this is that PAT only wants to work with TCP or UDP protocol ports, and the windows 2000 VPN server needed a GRE protocol mapping. Thus I had to use a second global address for VPN port forwarding, by way of a statically mapped NAT address.
One of you will probably tell me that I could have done it some other way!
07-13-2002 05:15 PM
Yes it is possible. One way I can think of is by implementing Policy-Based Routing.
http://www.cisco.com/warp/public/732/Tech/plicy_wp.htm
07-15-2002 01:47 AM
thx a lot ....so this just mean i can use multiple services hosted by different servers which are accessible from outside without availing multiple public ip addresses...what is d advantages of having public ip address on each servers as compared to using a public ip address only on d serial interface.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: