02-23-2013 12:22 PM - edited 03-04-2019 07:07 PM
setup:
Cisco 2651XM
from ISP
46.167.229.200/28
46.167.229.201/28
46.167.229.202/28
46.167.229.203/28
46.167.229.204/28
46.167.229.205/28
GW for all ips is 46.167.229.30
on the router I have 3 VLANS
192.168.40.0 --> fa0/1.40
192.168.50.0 --> fa0/1.50
192.168.80.0 --> fa0/1.80
interface FastEthernet0/0
description _WAN_INTERFACE_
ip address 10.74.11.24 255.255.240.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
no cdp enable
crypto map VPNMAP1
end
access-list 50 permit 192.168.50.0 0.0.0.255
ip nat pool pool50 46.167.229.200 46.167.229.200 prefix-length 28
ip nat inside source list 50 pool pool50 overload
ip nat inside source static 192.168.80.100 46.167.229.205
sh ip access-lists 50
Extended IP access list 101
10 permit ip host 192.168.50.0 0.0.0.255 any
So in my case
any attempt to allocate public IP 46.167.229.205 to 192.168.80
and
to nat 192.168.50.0 to46.167.229.200
had no success
Am I missing something ?
Any suggestion is appreciated !
02-24-2013 05:25 AM
After a discussion to my ISP, they told me to assign all IPS as secondary to my WAN interface...
interface FastEthernet0/0
description _WAN_INTERFACE_
ip address 46.167.229.200 255.255.255.240 secondary
ip address 46.167.229.201 255.255.255.240 secondary
ip address 46.167.229.202 255.255.255.240 secondary
ip address 46.167.229.203 255.255.255.240 secondary
ip address 46.167.229.204 255.255.255.240 secondary
ip address 46.167.229.205 255.255.255.240 secondary
ip address 10.74.17.254 255.255.240.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ok.... but from this point my knowledge are limited....
how do I map
46.167.229.200 to 192.168.50.10
46.167.229.201 to 192.168.80.100
02-24-2013 06:55 AM
ip nat inside source static 192.168.50.10 46.167.229.200
ip nat inside source static 192.168.80.100 46.167.229.201
*** Do Rate Helpful Posts***
02-24-2013 11:17 AM
Thanks
here I found another alternative
ip nat inside source static 192.168.50.10 46.167.229.200 route-map tointernet0
ip nat inside source static 192.168.80.100 46.167.229.201 route-map tointernet1
route-map tointernet0, permit, sequence 10
Match clauses:
ip address (access-lists): 2001
route-map tointernet1, permit, sequence 10
Match clauses:
ip address (access-lists): 2001
but ...
I have 2 SMTP server running on those internal ips 192.168.50.10 and 192.168.80.100
they can communicate with external smtp servers but not eachothers
to be more precisely:
internal machine 192.168.50.10 --> ping 46.167.229.200 OK ; telnet to pot 25 failed
from internet --> ping 46.167.229.200 OK ; telnet to pot 25 OK
is something I don't get it ...
02-25-2013 11:02 AM
Just imagine you are on inside and telneting ip which you have natted on router exist there and that natted ip is mapped with your internal ip. I think so you can telnet that ip using local ip when your are at internal machine.
From public u can telnet it on pubic ip.
02-25-2013 12:25 PM
ok....
but what about this case
SMTP1 listening on public IP1 <--> SMTP2 listening on public IP2 ( delivery failure:
deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1))
however SMTP1/2 can send/receive messages w/o any issue to outside world.....
so back to my pb
internal ip1 --> telnet to assigned public IP1 failed ....
02-28-2013 02:16 AM
managed to fix the pb.
looks like I had a DNS issue
thanks for support !
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide