Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
444
Views
0
Helpful
2
Replies

Through two ISP there are external inquiries to an internal resource in LAN

gruzdov
Level 1
Level 1

‎11-05-2007 12:11 PM - edited ‎03-03-2019 07:25 PM

Whether It is possible to make static translation on router in that case:

there are two public IP addresses (from two providers), on each address the same port is used.

also there is a server in a private network with one IP and one port.

DMZ Server(Private IP:12222)<->ASA<->C2811(ISP1 IP:12222;ISP2 IP:12222)

Whether such configuration is possible?

Any help and/or recommendations are welcomed.

Labels:
0 Helpful
2 Replies 2

tdrais
Level 7
Level 7

‎11-05-2007 02:24 PM

Using a static NAT from 2 different ISP to a single inside machine is easy. Your problem is more the return traffic. You need to somehow make the traffic returning from the server to the user to go back out the same ISP as it came in from. By the time the packet gets to the end server all it has is its private address and the actually source address. Even it knew about both ISP routers it has no way to know which is better.

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame
In response to tdrais

‎11-05-2007 02:42 PM

Hi,

You will find that when using NAT in IOS, returning traffic is not a issue. This is because the way NAT works, it builds "translations" that contains the outgoing interface, so everything should work fine with minimal configuration.

Of course this will require all the NAT config to be in the router, as opposed to the ASA for the proposed config.

(side note, ASA is a bit redundant when used with a well-configured router, but that is another issue).

Hope this helps, please rate post if it does!

0 Helpful
Customers Also Viewed These Support Documents