01-29-2013 09:42 AM - edited 03-21-2019 06:54 AM
We have cable internet with 5 assigned static IP addresses.
The UC-540 is assigned say 8.8.8.10
Our SBS 2011 server is assigned 8.8.8.11 with ports 25/80/443/3389 NAT'd to 92.168.10.10 on the LAN
All server (192.168.1.10) traffic must exit the network via 8.8.8.11 in order to eliminate multiple issues (email, vpn, etc).
Currently when I point the server's browser at http://whatismyip.com, the website returns the UC540 gateway IP of 8.8.8.10 in my example.
I need the website to return 8.8.8.11 instead.
Any help appreciated.
Solved! Go to Solution.
01-29-2013 11:37 AM
Hello,
My apologies, I didn't provide you the correct instructions.
You first need to define the pool of available external IP addresses to use. In this case, just the 1 external IP for the server.
Then you need to create the NAT mapping where you tie the internal and external IPs. Make sure to set the NAT mapping for all ports.
Thanks,
-john
01-29-2013 09:58 AM
Hello,
You can do this in CCA under: Configure -> Security -> NAT. Then you need to define a NAT pool with the external IP and internal IP.
Thanks,
-john
01-29-2013 11:28 AM
Ive taken you advise and deleted, receated, restarted and still the same result.
Any ideas?
01-29-2013 11:37 AM
Hello,
My apologies, I didn't provide you the correct instructions.
You first need to define the pool of available external IP addresses to use. In this case, just the 1 external IP for the server.
Then you need to create the NAT mapping where you tie the internal and external IPs. Make sure to set the NAT mapping for all ports.
Thanks,
-john
01-29-2013 01:13 PM
John,
That worked. Thanks much.
The secret is to delete all the pools.
Then, create the new pools.
Finally to create the proper NAT mapping.
It may have helped to wr and restart the UC540 as well.
Cisco should make CCA apply in changes in the correct order in the next relase.
02-15-2013 08:21 AM
If I map the for all ports to make this work, isnt that a security issue?
It seems to me that I will have to put a firewall behind the UC540 firewall to protect the Small Business Server having having all ports exposed to the internet.
02-19-2013 08:59 AM
The UC540 has to be at the edge of the network to do QOS.
It would be kind of silly to put a firewall behind the UC540.
Does anyone have any ideas?
02-19-2013 03:04 PM
Hello Brook,
NAT settings are different from the ACL settings.
You may nat the external address to a certain internal ip but in the ACL on the WAN port you may allow only the needed traffic to pass.
HTH,
Alex
*Please rate helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide