Solved

Is it possible to assign two public IPs from different ISPs to one private IP?

Posted on 2008-10-10
4
197 Views
Last Modified: 2010-04-02
I am actually pretty sure the answer to this is "No", but I have to be certain.  Basically, I have a server that is located at a remote office with it's own ISP connection and a static NAT.  It is connected to the main office via a point-to-point fiber connection.  Can I use a public IP from the main office and point it to the internal address at the remote office as a secondary NAT so to speak?
0
Comment
Question by:NRL71
  • 3
4 Comments
 
LVL 2

Expert Comment

by:scottbortis
ID: 22689245
I know you can do this with a Cisco IOS 8(x).  It is called hairpinning.  That assumes that you have a VPN connection.  

If it is just a subnet of your existing system, you can have your perimeter security device just route to that I believe using DNS forwarders...I believe.

0
 
LVL 2

Expert Comment

by:scottbortis
ID: 22689258
http://www.cisco.com/en/US/docs/security/asa/asa70/configuration/guide/vpnsysop.html

is the link to cisco hairpinning for future referece to the KB
0
 

Author Comment

by:NRL71
ID: 22689305
It's not a VPN connection - it is a subnet of the network at the remote office connected via a P2P DS3 with 7206 routers terminating them.  I have ASA 5540s at each location for the fw.
0
 
LVL 2

Accepted Solution

by:
scottbortis earned 500 total points
ID: 22689404
Setup an access list on the ASA on the outside of your main site that allows traffic for your subnet.  Then set a route that sends traffic to the internal 7206 router on the other side of that connection.  

i.e. if your host network is 10.1.0.x and your subnetted network was 10.3.0.x you can use a command like the following:

route inside 10.3.0.0 255.255.0.0 10.1.0.3 1

providing that 10.1.0.3 is the 7206 router on your side of the DS3

Then it is just a matter of setting a static route in your ASA to direct traffic to the appropriate subnet.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DHCP shows for Static IP in Network properties 3 61
ping results - mixed 5 50
Making my subnet larger? 10 67
Scan IP address, obtain info 7 95
Article by: rfc1180
The Maximum Segment size (MSS) is an important consideration when troubleshooting connectivity via the Internet/Intranet. As the packets are routed via the Internet/Intranet, the packets must traverse through multiple routers in the path between two…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question