Solved

Is it possible to assign two public IPs from different ISPs to one private IP?

Posted on 2008-10-10
4
199 Views
Last Modified: 2010-04-02
I am actually pretty sure the answer to this is "No", but I have to be certain.  Basically, I have a server that is located at a remote office with it's own ISP connection and a static NAT.  It is connected to the main office via a point-to-point fiber connection.  Can I use a public IP from the main office and point it to the internal address at the remote office as a secondary NAT so to speak?
0
Comment
Question by:NRL71
  • 3
4 Comments
 
LVL 2

Expert Comment

by:scottbortis
ID: 22689245
I know you can do this with a Cisco IOS 8(x).  It is called hairpinning.  That assumes that you have a VPN connection.  

If it is just a subnet of your existing system, you can have your perimeter security device just route to that I believe using DNS forwarders...I believe.

0
 
LVL 2

Expert Comment

by:scottbortis
ID: 22689258
http://www.cisco.com/en/US/docs/security/asa/asa70/configuration/guide/vpnsysop.html

is the link to cisco hairpinning for future referece to the KB
0
 

Author Comment

by:NRL71
ID: 22689305
It's not a VPN connection - it is a subnet of the network at the remote office connected via a P2P DS3 with 7206 routers terminating them.  I have ASA 5540s at each location for the fw.
0
 
LVL 2

Accepted Solution

by:
scottbortis earned 500 total points
ID: 22689404
Setup an access list on the ASA on the outside of your main site that allows traffic for your subnet.  Then set a route that sends traffic to the internal 7206 router on the other side of that connection.  

i.e. if your host network is 10.1.0.x and your subnetted network was 10.3.0.x you can use a command like the following:

route inside 10.3.0.0 255.255.0.0 10.1.0.3 1

providing that 10.1.0.3 is the 7206 router on your side of the DS3

Then it is just a matter of setting a static route in your ASA to direct traffic to the appropriate subnet.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to get end user's public(external) IP address in ASP.NET 19 126
Accessing web server on IP 10.0.0.199 2 103
NTP: Time Drift on Domain Controllers 22 123
IIS7 FTP default folder 8 108
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question