Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
655
Views
0
Helpful
5
Replies

Accessing inside Server from two ISP at same time

tanveer2005
Level 1
Level 1

‎02-15-2011 12:26 AM - edited ‎03-04-2019 11:25 AM

Can someone tell me, how to access insdie serve from two public IP for 2 ISPs. Static NAT or PBR.

Please se the attached

My goel is to access inside Server from outside with two public IP from 2 ISPs at same time. by static NAT or PBR.
Please help me.

This is runn conf.

interface FastEthernet0/0.1
encapsulation dot1Q 9———–LAN
ip address 10.10.5.70 255.255.255.0
ip nat inside
!
interface FastEthernet0/0.3
encapsulation dot1Q 3———- ISP-1
ip address 82.128.161.50 255.255.255.224
ip nat outside
!
interface FastEthernet0/0.4
encapsulation dot1Q 4————–ISP-2
ip address 77.192.187.250 255.255.255.248
ip nat outside
!
ip nat inside source static 10.10.5.60 82.128.161.51 route-map isp1
ip nat inside source static 10.10.5.60 77.192.187.251 route-map isp2
ip classless
ip route 0.0.0.0 0.0.0.0 77.192.187.254
ip route 0.0.0.0 0.0.0.0 82.128.161.33 20
no ip http server
!
route-map isp2 permit 10
match interface FastEthernet0/0.4
!
route-map isp1 permit 10
match interface FastEthernet0/0.3

Labels:
Preview file
123 KB
0 Helpful
5 Replies 5

tanveer2005
Level 1
Level 1

‎02-15-2011 10:31 AM

No body give or explain , i think, It need some Experit.

0 Helpful

mrdogantr
Level 1
Level 1

‎02-15-2011 11:55 AM

Hi,

Add commands below in your config.

access-list 10 permit 10.10.5.0 0.0.0.255

access-list 20 permit 10.10.5.0 0.0.0.255

ip nat inside source list 10 interface FastEthernet0/0.3 overload

ip nat inside source list 20 interface FastEthernet0/0.4 overload

hth

Muammer

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame
In response to mrdogantr

‎02-15-2011 12:05 PM 

mrdogantr wrote:
Hi,
 Add commands below in your config.
access-list 10 permit 10.10.5.0 0.0.0.255
access-list 20 permit 10.10.5.0 0.0.0.255
ip nat inside source list 10 interface FastEthernet0/0.3 overload
ip nat inside source list 20 interface FastEthernet0/0.4 overload
hth
Muammer

You will find that such commands, make NAT fail.

0 Helpful

r.kukreja
Level 1
Level 1
In response to paolo bevilacqua

‎02-15-2011 10:54 PM

the wan router have two different interface for

two different isp

just configure two different public ip on two interface invidually and pint default route from those interfaces

nothing to do with route-map

0 Helpful

tanveer2005
Level 1
Level 1
In response to r.kukreja

‎02-21-2011 12:55 AM

It is working Fine, but you need two IP for LAN , and no need Default route, If some one have other solution for only ony IP for LAN server , please Explain.

Router#sh runn
Building configuration...

Current configuration : 1937 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$HS45408$iutGDSO7r73434mFH.d0bgjOZ/
enable password 7 1218011A135B05580C252720245413D32
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ftp-server write-enable
!
!
!
!
interface Loopback0
ip address 192.168.150.1 255.255.255.252
ip nat outside
ip policy route-map PBR-LOOP
!
interface ATM0/0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface FastEthernet0/0
no ip address
speed auto
full-duplex
!
interface FastEthernet0/0.1
encapsulation dot1Q 9---------------------LAN
ip address 10.10.5.70 255.255.255.0
ip nat inside
ip policy route-map PBR-LAN
!
interface FastEthernet0/0.3 -------------- ISP1
encapsulation dot1Q 3

ip address 82.128.161.50 255.255.255.224
ip nat outside
!
interface FastEthernet0/0.4-------------- ISP2

encapsulation dot1Q 4
ip address 77.192.187.250 255.255.255.248
ip nat outside
!
ip nat inside source static 10.10.5.60 77.192.187.251
ip nat inside source static 10.10.5.61 82.128.161.51
ip classless
no ip http server
!
ip access-list extended STATIC-NAT-ISP1
permit ip host 82.128.161.51 any
ip access-list extended STATIC-NAT-ISP2
permit ip host 77.192.187.251 any
ip access-list extended STATIC-NAT-SERVICES
permit ip host 10.10.5.60 any----------------- SERVER LAN IP 1
permit ip host 10.10.5.61 any------------------SERVER LNA IP 2
!
route-map PBR-LAN permit 10
match ip address STATIC-NAT-SERVICES
set ip next-hop 192.168.150.2
!
route-map PBR-LOOP permit 10
match ip address STATIC-NAT-ISP1
set ip next-hop 82.128.161.33
!
route-map PBR-LOOP permit 20
match ip address STATIC-NAT-ISP2
set ip next-hop 77.192.187.254
!
snmp-server community public RO
snmp-server enable traps tty
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
password 7 14161606050A7E232B24GFY34JHF373C2C1453
login
!
!
end

Router#

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card