cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7405
Views
0
Helpful
9
Replies

Route one Public Ip to another Public IP

orahman99
Level 1
Level 1

Guys is it possible that a public IP can be automatically routed to another public ip.

For example I have two routers A and B.

router B has a LanB in 10.0.0.0 network and the public ips are in the x.x.x.0 for internet access.

router A is located at a remote location and has a public ip of y.y.y.0 network.


When I connect to router A using y.y.y.0 it automatically gets routed to x.x.x.0 and then to the LanB.

9 Replies 9

Collin Clark
VIP Alumni
VIP Alumni

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml#topic10

If I understand your question I think this is what you're looking for.

Hope it helps.

Hi Collin,

I have tried the regular Nat but doesnot seem to work. In my case a client uses one internet IP but automatically gets redirectd to another Internet IP behind which is the actual Lan :unlike regular Nat which is public to private.

A client over the internet connects to 216.1.2.2(internet IP on R2) but this gets automatically redirected to 216.3.3.6(internet IP of Server on Lan behind R1) so they access.R2 and R1 are separated by the Internet.

so what I actually want is that the internet IP of 216.1.2.2 is automatically redirected to 216.3.3.6.

Lan behind R1 is currently setup properly with appropriate nat and accessible but I want it to be accessible both way ie

Server  with internal ip of 10.0.0.3 - 216.3.3.6 should be accessible using both 216.3.3.6 and 216.1.2.2 as well.

I have tried all posible configurations and have search the whole internet but can't find anything to solve this issue.

I need only to setup R2 as R1 is already setup with regular nat and static route.

Would appreciate any help as soon as possible.

I'm not sure I completely understand your topology. Can you draw a diagram with some IP's?

I am attaching a rough diagram of what I want  to achieve.

Lets  say I am on the internet (Remote User) and I want to get the server on the Lan behind R1  whose regular external IP is 216.3.3.2 provided by ISPA, .

I have set R1 up using regular Nat and I can access the server as desired.

Now what I want Is that I have a second router R2 separated by the internet from R1 such that whe the Remote User uses an external IP provided by ISPB of 216.4.4.2 and gets to the server behind R1 without actually knowing of R1 ie 216.4.4.2 gets automatically routed to 216.3.3.2.

so basically Remote user can access the server using 216.3..3.2 and 216.4.4.2.


I have been able to configure R1 properly but not able to setup R2 to achieve the scenario I want.

Obaid,

My first thought here would be for you to create a point-to-point GRE tunnel from R2 to R1. This will provide your two routers a connection to each other. R2 can advertise out the 216.4.4.0/24 network, and then have a static route on it that points to the other side of the tunnel to R1 to get to the address range of Private range of your servers (once the packets get to R1 that router should have the routing table already setup properly). At this point you would just need to create a route-map on the R1 Tunnel that is looking for traffic from 216.4.4.2 on TCP port 80/443 and then NAT that traffic to your 10.0.0.0/24 range, similiar to what you already have set up on R1.

Let me know if you need help with those configs.

-Toby

Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

-Toby


Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

Hi tobyarnett I configured the tunnel but now I am confused on how  my user traffic  will use 216.4.4.2 to get it automatically routed to the Lan on R1 since they are all remote?.

Here is the configuration I have come up with I created a Gre tunnel but now how do a direct the traffic from R2 to R1?

A bit confused here!!

R1:

ip name-server 10.0.0.1

interface gi0/0

ip address 10.0.0.254 255.255.255.0

interface gi0/1

ip address 216.3.3.1 255.255.255.0

ip nat inside source static 10.0.0.2  216.3.3.2

ip nat inside source static 10.0.0.3  216.3.3.3

interface tunnel 0

ip address 10.1.5.2 255.255.255.0

tunnel source 216.3.3.1

tunnel destination 216.4.4.1

ip route 0.0.0.0 0.0.0.0 216.3.3.254

ip route 0.0.0.0 0.0.0.0 10.1.5.3

R2:

interface gi0/1

216.4.4.1 255.255.255.0

interface tunnel 0

ip address 10.1.5.3 .255.255.255.0

tunnel source 216.4.4.1

tunnel destination 216..3.3.1

ip route 0.0.0.0 0.0.0.0 216.4.4.254

ip route 0.0.0.0 0.0.0.0 10.1.5.2

tobyarnett
Level 1
Level 1

This is a good start. I am typing this from my tablet so it is a bit hard to write up a config. I will write you up a config in the morning and send your way. You got the right idea,but there is more needed. The NAT will go on the R1 side of the tunnel. Using a route-map will best help look for the correct traffic. I will get you a basic config and you can modify it based on your IP's and environment.

Toby


Sent from Cisco Technical Support Android App

-Toby


Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

tobyarnett
Level 1
Level 1

Ok I am struggling with this one the more I write my configs for it. I think I will put this in my lab tomorrow and try it out. This is about the direction I was thinking originally. This may need to be altered a little bit. The idea is to get a tunnel between both sites (this is just a GRE tunnel - no encryption), then pass your R2 Public IP over to R1 and have it NAT to your existing NAT list so it can route using the current configs. The goal is to minimize the amount of work.

_______________________________________________________

R1
interface GigabitEthernet0/1
ip address 216.3.3.1 255.255.255.0
!
interface Tunnel0
description R1 VPN to R2
ip address 10.1.1.1 255.255.255.252
ip broadcast-address 10.1.1.3
ip mtu 1400
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1360
load-interval 30
keepalive 5 4
tunnel source 216.3.3.1
tunnel destination 216.4.4.1
tunnel key 121212
!
ip nat inside source static 10.0.0.3 216.1.2.2

R2

interface GigabitEthernet0/1
ip address 216.4.4.1 255.255.255.0
!
interface Tunnel0
description R1 VPN to R2
ip address 10.1.1.2 255.255.255.252
ip broadcast-address 10.1.1.3
ip mtu 1400
ip virtual-reassembly
ip tcp adjust-mss 1360
load-interval 30
keepalive 5 4
tunnel source 216.4.4.1
tunnel destination 216.3.3.1
tunnel key 121212
!
ip route 216.1.2.2 255.255.255.255 10.1.1.1

-Toby

Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

-Toby


Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

Hello toby,

I am a bit confused about the Nat.

By setting the tunnel 0 on R1 as Ip nat Inside does this mean the traffic will be automatically routed from R2?

Wont we need any form of Nat on R2?

I am a bit confurse here.

Review Cisco Networking for a $25 gift card