cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
95
Views
0
Helpful
3
Replies
hirwan001
Beginner

Confuse in Infastructure

Hi

im fairly new and about to sit for my CCENT exam soon. i still confuse on a few set up of Network equipment. if ISP provide static ip for a company, how and where do you set the Static IP to, from this kind of setup:-

1) ISP Modem ----> Firewall ----- > Router --------- > Switch

2) ISP Modem ------> Router ---------> Switch

Bonus question: if the company was given 5 static IPs from ISP provider

1 ACCEPTED SOLUTION

Accepted Solutions
nspasov
Cisco Employee

Hi there!

#1) Usually, the public IP address will reside on the "outside" interface of your firewall. That way you can NAT/PAT your private IPs to that interface. 

#2) In that case the public IP will go on the router. Again, you will run NAT/PAT on that interface.

Bunus Question: I am not really sure I understand the question :) But if you are given 5 IPs then you can either, assign those IPs directly to hosts inside your network, or configure your perimeter device (router/firewall) to utilize those IPs for static and/or dynamic NAT

I hope this helps!

Thank you for rating helpful posts!

View solution in original post

3 REPLIES 3
nspasov
Cisco Employee

Hi there!

#1) Usually, the public IP address will reside on the "outside" interface of your firewall. That way you can NAT/PAT your private IPs to that interface. 

#2) In that case the public IP will go on the router. Again, you will run NAT/PAT on that interface.

Bunus Question: I am not really sure I understand the question :) But if you are given 5 IPs then you can either, assign those IPs directly to hosts inside your network, or configure your perimeter device (router/firewall) to utilize those IPs for static and/or dynamic NAT

I hope this helps!

Thank you for rating helpful posts!

View solution in original post

Hi

Thanks Neno Spasov for the reply. But if for part 1) since public ip reside at the firewall, what do we set up for the router, for example Router to Firewall is Fa 0/0 and router to switch is Fa 0/1. Sorry for the question, just confuse. i know its still long way for me to go.

You would setup a "transit" network like a /30 (for point-to-point) or something like /24 if other devices are to exist on that subnet. That transit network will be based on private/RFC 1918 type address space. 

Thank you for rating helpful posts!