10-23-2018 03:25 AM - edited 03-08-2019 04:27 PM
Hello
I'm not very professional with cisco yet. I'm learning. I hope to get some help with this.
I have a customer who has a cisco network. He has a server with 2 network cards. He wants to put a public IP on one card and pass it through the internet. What configuration should I do to make this work. Is it related to the core switch ? Or the router ? Is there vlan involved ?
10-23-2018 03:47 AM
Hello KJouda,
first of all I would not recommend to put the public IP on the server directly. It should go through at least a firewall (optionally an IPS or Reverse Proxy)
Hope this can help you to get started.
10-23-2018 12:11 PM
10-24-2018 03:02 PM
We might be able to provide better advice if we knew more about that customer environment. You say that there is a core switch with vlans and it connects to a router. You do not tell us whether the switch has routing enabled so that it can route between local vlans and have a default route to get to the router for Internet access or whether the switch is operating at layer 2 and all routing for the vlans is done on the router.
I would say that in general if a device has two cards and one will have a private IP address and the other will have a public IP address it would not be usual to have both cards connect in the same vlan. In general you would want one vlan for public IP and a different vlan for private IP. But it is possible to have both in the same vlan if you configure what is routing for the vlan with a secondary IP address.
HTH
Rick
10-25-2018 11:30 AM
They have vlans on the core switch and it is routing between them and also has default route to the router. I thought about creating a separate vlan for the server and put the public ip on it but then what else should I configure ? what should I configure on the router ?? Or whats the next step ?? I feel like there is something missing here
The other option is just keep both cards on the same vlan with a private ip inside that vlan range and then do a NAT on the router for this IP and the Public IP. Is this viable ? Is there any modification that should be done on the switch ???!
10-25-2018 02:10 PM
Thanks for some additional information. It is helpful to know that they have several vlans and are routing between vlans on the switch and have a default route to the router for Internet access. We still do not have enough information about the environment to give good advice. In particular we need more information about the public IP for the server. Is it a single IP address to be used stand alone? Or is the public IP part of a group of public addresses? If it were part of a group of public addresses then how are the other addresses being used?
Without knowing much about your particular situation I can say that the most common solution is to have a private IP address on the server and to do a static address translation on the router. This would accept traffic from the Internet, translate it, and forward it to the server.
HTH
Rick
10-24-2018 12:43 PM
I need an answer to this please
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide