Cisco Router single wan Dual IP NAT not working
We have a cisco 851W working as the office router.
We have several NATs configured pointing to some internal machines accessed from outside by some users.
Our ISP is going to replace the internet circuit with a new one, changing our IP address. They have already delivered their end point to the office.
Our plan was add this new IP address as secondary IP at router's wan, change DNS records, wait for worldwide refresh time swith which IP is primary and which is secondary and once we have confirmed the new circuit is stable disconnect the old one and remove it's ip address.
I had added the secondary IP address
interface FastEthernet4
ip address new_IP 255.255.255.248 secondary
ip address OLD_IP 255.255.255.0
ip access-group 101 in
but I discovered that none of the incoming nats is working.
Checked nats and they are configured used fastethernet4 and not the main IP address.
Checked the ACL and there it was configured by IP, added several entries at the ACL but it still not working.
access-list 101 permit tcp any host old_ip eq 6901
access-list 101 permit tcp any host new_ip eq 6901
Also I am not able to "duplicate" port forward from the new IP address to one of the already existing
something like
ip nat inside source static tcp 192.168.6.30 5900 interface fastethernet4 6904
ip nat inside source static tcp 192.168.6.30 5900 interface new_ip 6904
or
ip nat inside source static tcp 192.168.6.30 5900 interface fastethernet4 6904
ip nat inside source static tcp 192.168.6.30 5900 interface new_ip 6904 extendable
Is there a way to perform this?
Any further question please let me know.
We have several NATs configured pointing to some internal machines accessed from outside by some users.
Our ISP is going to replace the internet circuit with a new one, changing our IP address. They have already delivered their end point to the office.
Our plan was add this new IP address as secondary IP at router's wan, change DNS records, wait for worldwide refresh time swith which IP is primary and which is secondary and once we have confirmed the new circuit is stable disconnect the old one and remove it's ip address.
I had added the secondary IP address
interface FastEthernet4
ip address new_IP 255.255.255.248 secondary
ip address OLD_IP 255.255.255.0
ip access-group 101 in
but I discovered that none of the incoming nats is working.
Checked nats and they are configured used fastethernet4 and not the main IP address.
Checked the ACL and there it was configured by IP, added several entries at the ACL but it still not working.
access-list 101 permit tcp any host old_ip eq 6901
access-list 101 permit tcp any host new_ip eq 6901
Also I am not able to "duplicate" port forward from the new IP address to one of the already existing
something like
ip nat inside source static tcp 192.168.6.30 5900 interface fastethernet4 6904
ip nat inside source static tcp 192.168.6.30 5900 interface new_ip 6904
or
ip nat inside source static tcp 192.168.6.30 5900 interface fastethernet4 6904
ip nat inside source static tcp 192.168.6.30 5900 interface new_ip 6904 extendable
Is there a way to perform this?
Any further question please let me know.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.