Router LAN Interface IP

This may be a very dumb question, but I'll ask anyway. I've got a cisco 1721 for my T1 internet connection. Its LAN interface has an ip of x.x.x.46, subnet 255.255.255.240/28. I do have a block of IP's.  Whatsmyip.org shows my public ip as x.x.x.40, not .46  I'm confused!
bluespringsitAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Intense_AngelCommented:
It is because your lan interface will have the ip of the gateway for your internal clients to point to to get out.  Your public is 40 because your router is using it.  You can easily use one of the other ip's given to you to for outside access.

For instance you could give a server one of your static public IP's and hook it up on the other side of router which is called a DMZ and you could then ping it.  Also....you can use another router etc.  

Make sense?
0
bluespringsitAuthor Commented:
Where is it specifed that the router is using .40 ? In the config, there is 216.x.x.46 for the LAN interface and then a 65.x.x.x address for the serial interface. I have a dmz with an smtp relay server and an iis server in it. The DMZ is located off one of the interfaces on my pix firewall. Both servers are using two of the block of public ip's.
0
Intense_AngelCommented:
Well now I am somewhat confused.  When I had a T1 going to my house the ISP that I got the router from had given the device a 65 range like above, and they gave the lan side a static that translated with the 65 range, and a static for the gateway...the rest of the range I could use freely, but some I could not and was not allowed to change this, only the ISP provider of the T1 could do this.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

rsivanandanCommented:
It depends on what ip address you are using to NAT your outgoing connections. Can you post your router configuration here ? Are you natting at the router or PIX?

In other words, where do you have the x.x.x.40 address configured? On router or pix?

Cheers,
Rajesh
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pjtemplinCommented:
"my public IP" must be different than "my router's public IP", unless you have a web browser IN your router.

Your PC has the address x.x.x.40.  Your PC's default gateway is x.x.x.46.  You have the subnet x.x.x.[32-47].  Yay.
0
rsivanandanCommented:
Thnx for the points. Hope you found out the NAT is to x.x.x.40

Cheers,
Rajesh
0
bluespringsitAuthor Commented:
Thats strange. I posted a reply, but it didnt take. NAT is being done on my PIX.

global (outside) 1 216.x.x.40                              
nat (inside) 0 access-list 101                              
nat (inside) 1 0.0.0.0 0.0.0.0 0 0  

The router's lan ip is 216.x.x.46. The outside interface on my pix is 216.x.x.45. NAT is being done on the outside interface of the pix, such that each packet picks up 216.x.x.40 as its global outside source address when the packets are switched from the inside interface to the outside interface on the pix. So, the .40 address isn't actually assigned to any interface, its only being slapped onto each packet as the source address when the packet leaves my network.

Thanks to all of you for your help.
0
rsivanandanCommented:
Exactly :-) Glad you got it...

In a way, it is good to NAT to a single ip address as it can handle way up to 65000 connections. But since you have public ip internally, I was wondering why NAT? which basically adds processing on the PIX (Not that it can't handle). Just a thought.

Cheers,
Rajesh
0
bluespringsitAuthor Commented:
I'm not sure. As you can probably tell, I inheritted the network and firewall. The pix has three interfaces. One is the DMZ, one is inside, and the third is outside. The DMZ and the Inside interfaces have private range ip's assigned to them. The external interface, which plugs into the route,r has a public ip assigned to it. Is this not optimal?
0
rsivanandanCommented:
Oh. that is the perfect way to go about it. I misunderstood the scenario. I thought you were having public ips on your inside too. So now it is clear. so this is how it is;

Internet----(Public)------Router---------(Public)---------------PIX--------------Inside (Private)
                                                                                      |
                                                                                  DMZ (Private


That is a good scenario to continue with.

Cheers,
Rajesh
0
bluespringsitAuthor Commented:
Thats it!
0
rsivanandanCommented:
:-) I maintain mine the same way...

Nice talkin' to ya...

Cheers,
Rajesh
0
bluespringsitAuthor Commented:
Same here. Thanks again!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Protocols

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.