[Last Call] Learn how to a build a cloud-first strategyRegister Now


Using a block of IP's without applying them to an interface

Posted on 2004-11-21
Medium Priority
Last Modified: 2010-04-10
This question has been asked before as PART of another question previously posted.  

I've been issued a block of public ip's /25 to /25 - Labled as "Ethernet/lan" by the isp

I've been assigned  /30 labled as " WAN IP"

I called the ISP as I want to nat the public IP's to internal addresses on a cisco 2620.  I was told to apply the to S0 and apply to E0.  In other words, do not apply the 57.X.X.X address to any interface and just nat them the same way I had before.

ip nat inside source static tcp 80 80 extendable <-- for www server

Two questions:

1. Will this work as described and/or is there anything else that I need to do like adding the 57.X.X.X network as a static entry?

2. Do I need to specify the ISP's router address ( anywhere on the router as a gateway?

I was told that I don't need to be concerned with the  57.X.X.X network as it is an entry on the ISP's routers but this was information by an engineer who was in an obvious hurry and  felt that since we did not buy the router from them that  it was some sort of  "privilage" for me to ask any questions at all. Question 3.  I can still cancel. Should I even bother setting up service with this ISP?

Thanks for your help!

Question by:zenportafino
  • 3
  • 2

Accepted Solution

Eladla earned 1200 total points
ID: 12642848
Interesting configuration.
Why would you need so meny public ips?
That kind of beats the point of having a firewall/router.
Anyway, I think you have the right idea. Map each internal IP to one of the external IPs.
What I also think you should do is make all the private IPs static as to keep the integrity of your configuration. In other words, DON`T use DHCP after you map the IPs in the router, thats just looking for trouble.
Good luck.

Expert Comment

ID: 12642851
Looks good to me so far.
But it really depends on your ISP an how they do things in their network.

how do you hook up to the internet by the way ?

is it.

ISP Router --- your router -------your intranet ?

my isp for example gave me  4  public IP's and they just gave me a configured router with 4 ports where each port represents a IP.

but i don't know how this is managed by your isp.

it sounds to me like you only got one port and all 4 ip*s are routed trough 1:1 to that port ?.

if so i guess all you have to do is to set your routers gateway to the ip of your isp's modem/router and then just simply set up the nat rules for the specific source ip's so lets say if ithe packet is comign from
redirect it to maschine on port 80.

Please note that i' am not yet a expert in terms of networking i'm only learning.
but as far as i know about it your matter should work just fine with that configuration altough it still depends on your ISP.

What do you mean by "you can still cancel" you mean the contract with your ISP?
Thats a decision imo that no one can take for you it depends on if you are happy with that what you get for your money from your ISP.
with best regards AO


Expert Comment

ID: 12642873
i can see no problem with using dhcp since you can reserve certain ip adressess for example the for the web server.
and anyway dhcp servers tend to give a maschine the same ip it got last time if not already taken.
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.


Expert Comment

ID: 12642879
"and anyway dhcp servers tend to give a maschine the same ip it got last time if not already

But you can`t count on that.....and it`s just askin for trouble.

Author Comment

ID: 12646415
This is a relatively small network and we really only use about 10 IP's.  I didn't place the order.  The servers are of course static internal IP's so there will be 10 or so nat translations.  The nat translation above is just an example for the www server. There will be 9 others.

Question 3 is an injection of humor but on the serious side I'm apprehensive to do business with a company that in essence is telling me at the start that when I need support, I can expect allot of attitude and very little help.  


Expert Comment

ID: 12647546
I hate it when ISPs act up!

Anyway, back to the matter at hand.
You need to map every internal IP to an external IP in the router.
You might want to get the ISP to do this, but that will only work if you got the router from them.

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question