Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1102
Views
0
Helpful
6
Replies

Public IP on server

KJouda
Level 1
Level 1

‎10-23-2018 03:25 AM - edited ‎03-08-2019 04:27 PM

Hello

I'm not very professional with cisco yet. I'm learning. I hope to get some help with this.

 

I have a customer who has a cisco network. He has a server with 2 network cards. He wants to put a public IP on one card and pass it through the internet. What configuration should I do to make this work. Is it related to the core switch ? Or the router ? Is there vlan involved ?

Labels:
0 Helpful
6 Replies 6

yannickrioux
Level 1
Level 1

‎10-23-2018 03:47 AM

Hello KJouda,

 

first of all I would not recommend to put the public IP on the server directly. It should go through at least a firewall (optionally an IPS or Reverse Proxy)

 

  • To be able to do what you wish to do you need to understand the clients topology. A network diagram will be of great help to understand how the network is configured.
    • From my understanding you need to connect the server to the internet.
    • Knowing the public IP address will help. From which subnet it is allocated.
  • If a network diagram is not available, a physical survey will be required.
    • Try to locate where the Internet breakout is situated on the network
  • If you are going to configure the public IP address on  the server second card (which I dont recommend),
    • Try to know which OS is running on the server
    • Normally you can configure the public IP address directly on the server.
      • Find the IP address, Gateway IP and the subnet Mask
      • I guess that you will then have to do routing configuration for the internal IP Address.

Hope this can help you to get started.

0 Helpful

KJouda
Level 1
Level 1
In response to yannickrioux

‎10-23-2018 12:11 PM

Do you mean I should give it a private IP and NAT it with the public IP they own through the router ?

Their network is basically a core switch connected to a router. There is no firewall or anything like that. Only VLANs on the core and everything goes to the router. So is it possible to keep the server in the same VLAN with both network cards (different IPs) and just NAT one of them to the public IP ??

In that case then where do I configure this and  what should I change in the core switch ? Is it just done on the router ???
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to KJouda

‎10-24-2018 03:02 PM

We might be able to provide better advice if we knew more about that customer environment. You say that there is a core switch with vlans and it connects to a router. You do not tell us whether the switch has routing enabled so that it can route between local vlans and have a default route to get to the router for Internet access or whether the switch is operating at layer 2 and all routing for the vlans is done on the router.

 

I would say that in general if a device has two cards and one will have a private IP address and the other will have a public IP address it would not be usual to have both cards connect in the same vlan. In general you would want one vlan for public IP and a different vlan for private IP. But it is possible to have both in the same vlan if you configure what is routing for the vlan with a secondary IP address.

 

HTH

 

Rick

HTH

Rick
0 Helpful

KJouda
Level 1
Level 1
In response to Richard Burts

‎10-25-2018 11:30 AM

They have vlans on the core switch and it is routing between them and also has default route to the router. I thought about creating a separate vlan for the server and put the public ip on it but then what else should I configure ? what should I configure on the router ?? Or whats the next step ?? I feel like there is something missing here

 

The other option is just keep both cards on the same vlan with a private ip inside that vlan range and then do a NAT on the router for this IP and the Public IP. Is this viable ? Is there any modification that should be done on the switch ???!

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to KJouda

‎10-25-2018 02:10 PM

Thanks for some additional information. It is helpful to know that they have several vlans and are routing between vlans on the switch and have a default route to the router for Internet access. We still do not have enough information about the environment to give good advice. In particular we need more information about the public IP for the server. Is it a single IP address to be used stand alone? Or is the public IP part of a group of public addresses? If it were part of a group of public addresses then how are the other addresses being used?

 

Without knowing much about your particular situation I can say that the most common solution is to have a private IP address on the server and to do a static address translation on the router. This would accept traffic from the Internet, translate it, and forward it to the server. 

 

HTH

 

Rick

HTH

Rick
0 Helpful

KJouda
Level 1
Level 1
In response to yannickrioux

‎10-24-2018 12:43 PM

I need an answer to this please

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card