04-07-2002 06:14 AM - edited 03-08-2019 10:15 PM
Hi,
I have two lease line circuits for Internet. I need redundancy. can i place 2 different class ips for inside and outside. Like each port having 2 ips of different class.
Thanks in advance
Sajin
04-08-2002 06:30 AM
Hi,
I'm quite sure that an interface must has only one ip address...
sorry,
but if you have to publish a service you can define multiple static command, one for pool address.
Graz.
04-08-2002 10:14 AM
ok, i too chked . it can have only one ip.
here is the exact senario.
we have two lease line circuits from different isp.
so different ip range. at a point of time i can connect only one to pix. we are using 2600 series router.
question 1.
Can i put double natting. one in router and then in pix.
2) if i specify that i must specify static in both router and pix. In router u map M.N.O.P with a valid ip. then in pix u will map M.N.O.P with another invalid A.B.C.D . Two staics for my web server.
will this work. since i need redundancy. If one of my link fails , then the other link will take care of traffic.
I have to make 2 static maps with different IPs per router and pix.
Logically i feel it has to work.
But am not sure .
Will this work or not ? any perfomance degradation if it works?
04-08-2002 10:02 AM
Hi,
PIX can only have one IP for each interface, but Cisco router can have a secondary IP. We have two lease lines and the one is primary and the other one is backup with two IP blocks using two Cisco 2600 routers and 515 PIX.
Roger
04-08-2002 10:23 AM
ok,
But how can u configure if u have two diffrent netwroks.
two different isp. so ips are different.
For eg. one is of a.b.c.d
second is of m.n.o.p
see i can assign only one IP of this any of the two range but not both. so where is redundancy.
i have 6 web servers both having two valid ips of different ISP for redundancy. Now i must use static also with two different range. we use one 2600 router
sajin
04-08-2002 10:49 AM
Hi Sajin,
Who manage your router? youslef or ISP?
We're using HSRP protocol to do the failover.
Roger
04-08-2002 11:59 PM
Hi roger,
We are managing the router too.
Can i put double natting. one in router and then in pix.
2) if i specify that (natting on both router and pix) i must specify static in both router and pix since we have web servers inside our network. In router u map M.N.O.P with two valid ips Given by ISPs X and Y . then in pix u will map M.N.O.P with another invalid A.B.C.D . .
will this work. since i need redundancy. If one of my link fails , then the other link will take care of traffic.
I have to make 2 static maps with one invalid IP in router.
Logically i feel it has to work.
But am not sure .
Will this work or not ? any perfomance degradation if it works?
Is there any other solution.
sajin
04-09-2002 01:14 PM
Hi Sajin,
I'm not sure about double natting. Have you called Cisco support?
Our configuration for the 2-line is all done in the two Cisco routers by ATT router group engineers.
At the DMZ interface of the PIX, there're four web servers which are using didferent IP block and they're working fine.
Roger
04-10-2002 08:41 AM
Hi roger,
Double natting works, I tried. with proxy and a pix. Any way double static i will try this sunday. I will let u know the status then. whether it works or not.Or else i will use the dmz port for One isp. just like its coming from another office and connected to our network. any way let me try with double static , double nating . i will let u know by monday. ok.
no friend i will do it myself. If both fails then will ask for help. first 100% effort with in my limit.
regards
sajin
04-11-2002 02:40 PM
Hey,
If what I understand is correct, you are using one router to accept both ISP's. You might not want to use those IP's past that point unless you are doing NAT twice. Say, you have A.B.C.X/24 and D.E.F.X/24 from each ISP for use as public IP's. You can use however many subnets behind the PIX you want (assuming you have a router behind it too to differentiate the subnets). Have your PIX NAT once to a private subnet for use only inbetween your gateway router and PIX, and have the gateway router NAT again using the 2 public pools providing by your ISP's. I have actually done something similair once before and it did work pretty well.
If you couldn't understand exactly what I meant by all that, sorry, it's kind of hard to relay that scenario in writing. Good luck.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide