09-01-2021 05:49 AM
Hi
i have routed layer access design which is running OSPF
i have set of public IP's as one of the IP's in firewall doing NAT
what the best scenario how i can make some Hosts/servers have public IP and can go directly to the internet in (core distribution access ) environment all L3 links
09-01-2021 09:46 AM
Hi,
Please provide the following information so that we can assist you with your request:
1. Topology including firewall location
2. where in firewall you set the NAT to the public IP
3. for what purpose you configured NAT
4. IP range / network of the public IPs
Thanks.
09-02-2021 12:53 AM
I am puzzled about the inconsistency in the original post. First the post tells us "i have set of public IP's as one of the IP's in firewall doing NAT". That makes sense and is fairly common. Then the post asks "how i can make some Hosts/servers have public IP". If the Public IP block is for NAT then how do some hosts get Public IP? And if some hosts do have Public IP then the original statement is either wrong or is seriously incomplete.
To answer the question - if some hosts do have Public IP then you need these:
- make sure that your OSPF routes for the subnet of those Public IPs.
- make sure that your OSPF does route those Public IPs to the firewall.
- make sure that the NAT on the firewall does not attempt to translate those addresses.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: