Solved: Given /29 Public IP

Iloveyou · ‎11-13-2023

Can anyone give me some insight as to how "other" public ip address can be used?

I have heard that people use 1 ip for WAN, another ip for cctv and another for mail server.

It would be better if I have a network diagram to better illustrate this.

Because I have only heard about it but not actually done it.

M02@rt37 · ‎11-13-2023

OK @Iloveyou

Replace the 2 PC with mail server and the other cctv.

The Router on the top perform NAT. /29 public bloc dedicated. Gateway stand for ISP as example.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

Kasun Bandara · ‎11-13-2023

@Iloveyou hi, you can use other IPs by creating NAT in your router or Firewall.

for Ex. check VIP option for the FortiGate firewalls. we can create VIPs to advertise other IPs towards WAN side.

Firewall-------------------------------------------------------------------WAN router

interface 1 - IP address 1.1.1.1/29

                    VIP address 1.1.1.2/29

                    VIP address 1.1.1.3/29

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

DanielP211 · ‎11-13-2023

Hello!

You can use multiple IP's on the outside router/firewall by using NAT. And with nat you can use multiple IP's and "bind" them to different back end servers.

For more info about the configuration and what device you want to use it on write.

BR

****Kindly rate all useful posts*****

Iloveyou · ‎11-13-2023

"You can use multiple IP's on the outside router/firewall by using NAT. And with nat you can use multiple IP's and "bind" them to different back end servers. "

Yes I know this. But an actual diagram or illustration on how i configure multiple public ip on a firewall will be useful because I have not actually seen it before.

M02@rt37 · ‎11-13-2023

Hello @Iloveyou

Using separate public IP addresses for different purposes can enhance security and optimize network services.

You might use different public IPs:

"WAN IP":
This is the primary IP address for general internet access. In a business setting, it might be used for regular web browsing, application access, etc...

-CCTV IP:
A dedicated public IP for CCTV cameras. Enhances security by isolating CCTV traffic from other internet traffic. Allows for specific firewall rules or bandwidth allocation for CCTV-related activities.

-Mail Server:
A dedicated public IP for hosting a mail server. Separates mail traffic from other internet activities. Can be beneficial for managing email-related security and performance.

Each public IP address serves a specific purpose, and this segmentation can provide benefits like

-Security isolation: Traffic for different services is kept separate, reducing the risk of vulnerabilities in one service affecting others.

-Trafic management: Dedicated IPs allow for customized traffic shaping, QoS policies, and firewall rules for each service.

-Service reliability: If one service experiences issues or comes under attack, others may remain unaffected.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Iloveyou · ‎11-13-2023

Yes. I understand this.

But a sample network diagram and how they separate the public LAN ips will be good.

M02@rt37 · ‎11-13-2023

OK @Iloveyou

Replace the 2 PC with mail server and the other cctv.

The Router on the top perform NAT. /29 public bloc dedicated. Gateway stand for ISP as example.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

MHM Cisco World · ‎11-14-2023

Assume you have one public IP for internet for inside host and you have http server inside also.

Now try use acl to all any access to http and deny other and make host inside access http outside.

If you can not then using two or more public is solution.