We help IT Professionals succeed at work.

Configure 2 servers with 2 outside static IP's?

KF6DKY asked
Last Modified: 2008-11-10
We currently have 2 servers inside our network. We have 5 static IP's of which we currently une only 1 that is configured in the WAN section of our router and then we use port forwarding for http, email etc. We recently added a 2nd server and would like to assign one of the other static IP's to that server, but still keep that server inside our network for other resources. How can I do this?
Watch Question

Top Expert 2010

That will depend on the firewall you are using.  

You should be able to config the firewall to port forward any incoming for your 1st Internet IP to a certain internal IP, same for your 2nd internet IP.  

You can do port forwarding, or a 1 to 1 static map....    

It basically depends on what you are using.  
This one is on us!
(Get your first solution completely free - no credit card required)


What do you mean by static route?
The only confict we have is both servers need to use port 80?

I mean that you need to get a device that can support 2 public IP addresses. You cannot have 2 servers running on the same port on one IP address.
You need hardware that will support this. The Cisco 851 will do it.
KF6DKY - I am not going to take the opportunity of how all this is going to work.
1) You originally only had a single server hosting http (port 80), email etc and used up 1 static IP for that
2) You now have added a second server to your internal network and want to use a 2nd static IP for that while keeping this server physically on the inside network

Now, the problem you are going to face is that your router can only forward requests on a particular port to a single server. If you are looking to host two web servers on your network, then you would need to use a port other than 80 for your 2nd web server. If Internet users need to get to it, they'll need to do something like http://websitename.com:81

You can configure this using page 25 (virtual server) on the user guide:

I understand that giving users a port along with the URL to go to may be a little inconvenient. That's why services like this one exist which allow you to provide users with a normal URL but it does the port forwarding in the background

KF6DKY - Please let me know if you have any additional questions

As I've now had to do on several of bill's posts - I'll give you the full disclosure of what's going on as opposed to a 'rigged' solution:
Yes, it is possible to do this ON ANOTHER PORT. HOWEVER, it is not possible to host a website on the same port on the same IP as I stated before.
If you want the public to access the site, it is never a good idea to give them a port. Would you remember yahoo.com:81 or yahoo.com:8080  or yahoo.com:1025? I know I wouldn't, not to mention it looks bad.  
You want to keep a URL as short, sweet, and simple as possible - adding :81 or something else to the end doesn't help and will cost you valuable traffic to the site.
If you're using this site for anything other than personal use, it's better to invest the money and get adequate equipment instead of "jerry-rigging" what you have.
All DNS park is is a URL redirection service. It redirections whatever.com to whatever.com:port.
Again, I wouldn't use this because some search engines don't like having ports on the URL and users never remember what it is.
Just my thoughts on the topic. No harm intended Bill.
I only advise and recommend solutions that I have deployed myself. The above has been deployed by me in the past and I haven't heard back from the customer in a while now.

Sorry, I'm not trying to be a butt although it might have come across that way.
The bottom line: yes, that would work, but in most situations where the site was something other than an internal site that employees or vendors use, it probably is better to just put out a little bit of cash (what's $350 now thesesays anyways? You can't even buy gas for a month with that.. lol) and be ensured that you have good equipment that will do the job securely and with the utmost reliability.
Not to mention that they do have 5 public IPs which I assume they'd like to use at some point in time. To be able to use more than one, they would need some sort of different equipment to do so and the Cisco 851 is better than anything else for the price and will do the job deftly.
Cheers Bill - as I said, no harm intended.


Thanks for the info, I think I have enough to make a good informed decision now.

Cool, let me know what you decide! :)


After all this, I may just go with a second nic, I prefer what the Cisco 851 can do, but I'm not a cco guy, what other similar browser configurable routers can handle multiple static IP's?
This one is on us!
(Get your first solution completely free - no credit card required)

Absolutely on the 5505 being excellent. As I've said, I've deployed about 20 of these and other various bigger ones.
Using the ASDM that comes with the ASA 5505 you will have no trouble  getting setup. It's very intuitive. And then if you need help you can just ask on here and there are tons of us to help you!
Also, the built in enterprise features such as the deep packet inspection firewall (VERY good) and the VPN features are also very good - it has both SSL and IPsec VPN.
The bottom line is that you just cannot go wrong with the ASA. If you don't need advanced features like BGP routing OR multiple simultaneous ISP connections, get the ASA. If you need either of the two things I mentioned you'd be better server by the router. Also, the router GUI is considerably more difficult than the ASA's, and I personally think it's useless.
Cheers! Let me know if you have questions!


Are there any tools for the Cisco 860 series that aid in configuration? I'm not a Cisco guy at all.
you do have the sdm but it's not as good

Agreed - SDM sucks. ASDM will let you do almost anything and is very intuitive - the SDM is so confusing and buggy that I get stuck on it sometimes.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.