Solved: Configuring NAT in multiples public server

dnievesr01 · ‎05-14-2013

Hi everyone,

I need to configure 5 public servers in my LAN. The IP Private addres are: 192.168.3.2, 192.168.3.3, 192.168.3.4 and 192.168.3.5. My ISP give me 5 public IP´s 190.93.50.106-110.

The interface configuration on cisco 2901 are:

Inside: 192.168.3.1

outside: 190.93.50.105

I can´t understand the method of configuration in cisco product for my case. Is little hard to understand Inside local, Inside global, Outside Global Outside local.

Note: In this router I only have public servers and dont need overload a Ip address for internal traffic

Thanks for your help

paul driver · ‎05-14-2013

Hello Daniel

Inside Local = Addresses assigned to devices inside your network

Inside Global = Addresses to which your inside devices are known to the outside ( outside you network)

Outside Local = Addresses assigned to devices outside your network - not known by devices inside your network

Outside Global = Addresses by which outside devices are known to the inside

IG addresses are mapped to IL addresses, and OL addresses are mapped OG addresses

HostA - (INSIDE) Host B (OUTSIDE)

192.168.3.2 (IL) 190.93.50.106 (IG) ----> 200.200.200.3 (OL) 172.16.2.3 (OG)

192.168.3.2 (IL) 190.93.50.106 IG) < ---- 200.200.200.3 (OL) 172.16.2.3 OG)

ip nat inside source static

A.B.C.D Inside local IP address

esp IPSec-ESP (Tunnel mode) support

network Subnet translation

tcp Transmission Control Protocol

udp User Datagram Protocol

Basic one to one mapping - specific host - to host

ip nat inside source static (inside local) (inside global)

ip nat inside source static 192.168.3.2 190.93.50.106

ip nat inside source static 192.168.3.3 190.93.50.107

ip nat inside source static 192.168.3.4 190.93.50.108

ip nat inside source static 192.168.3.5 190.93.50.109

to a specific port

ip nat inside source static tcp 192.168.3.2 80 190.93.50.106 80

ip nat inside source static tcp 192.168.3.3 80 190.93.50.107 80

ip nat inside source static tcp 192.168.3.4 80 190.93.50.108 80

ip nat inside source static tcp 192.168.3.5 80 190.93.50.109 80

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

paul driver · ‎05-14-2013

Hello Daniel

Inside Local = Addresses assigned to devices inside your network

Inside Global = Addresses to which your inside devices are known to the outside ( outside you network)

Outside Local = Addresses assigned to devices outside your network - not known by devices inside your network

Outside Global = Addresses by which outside devices are known to the inside

IG addresses are mapped to IL addresses, and OL addresses are mapped OG addresses

HostA - (INSIDE) Host B (OUTSIDE)

192.168.3.2 (IL) 190.93.50.106 (IG) ----> 200.200.200.3 (OL) 172.16.2.3 (OG)

192.168.3.2 (IL) 190.93.50.106 IG) < ---- 200.200.200.3 (OL) 172.16.2.3 OG)

ip nat inside source static

A.B.C.D Inside local IP address

esp IPSec-ESP (Tunnel mode) support

network Subnet translation

tcp Transmission Control Protocol

udp User Datagram Protocol

Basic one to one mapping - specific host - to host

ip nat inside source static (inside local) (inside global)

ip nat inside source static 192.168.3.2 190.93.50.106

ip nat inside source static 192.168.3.3 190.93.50.107

ip nat inside source static 192.168.3.4 190.93.50.108

ip nat inside source static 192.168.3.5 190.93.50.109

to a specific port

ip nat inside source static tcp 192.168.3.2 80 190.93.50.106 80

ip nat inside source static tcp 192.168.3.3 80 190.93.50.107 80

ip nat inside source static tcp 192.168.3.4 80 190.93.50.108 80

ip nat inside source static tcp 192.168.3.5 80 190.93.50.109 80

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

dnievesr01 · ‎05-14-2013

So let me undertand this.

If I use the configuration that you gave me and I put a webservice (Example: FTP) in anyone of my internal IP address (Example 192.168.3.2), everybody that try to connect in a browser (outside - Internet)using 190.93.50.106 the router translate the petition a send to 192.168.3.2 (and viceversa)

Thanks for your help

paul driver · ‎05-14-2013

Hello
Yes that is correct

Res
Paul

Sent from Cisco Technical Support iPad App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul