Solved

Redirecting ip on cisco switches or firewall

Posted on 2009-04-02
3
418 Views
Last Modified: 2013-11-16
Hi,

Most of the users in my company uses a application hosted in a unix server that is accessible via telnet. So all theses users do is open this telnet application that have the ip already programmed in it. Lets called it 1.2.3.4.
I need to change the ip of this unix server to 1.2.3.5 but i dont want to go around and change the ip in every telnet application in every desktop.
I know a number of things that can be done, but i just got thinking of this scenario.

My network consists of layer 3 cisco switches and one main pix firewal. 515

Can any of these devices do something like:

When the user initiates the connection to 1.2.3.4 it knows it should redirect to 1.2.3.5 ???

Do you think that is do-able ?

Please let me kno
0
Comment
Question by:iFroyd
3 Comments
 
LVL 4

Expert Comment

by:jordanrog
Comment Utility
I don't think that this is what you are looking for but it might help you a little with some ideas about how to go about it. Really just a shot in the dark.

"In PIX 6.0, the Port Redirection(Forwarding) feature was added to allow outside users to connect to a particular IP address/port and have the PIX redirect the traffic to the appropriate inside server; the static command was modified. The shared address can be a unique address, a shared outbound PAT address, or shared with the external interface."

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml
0
 
LVL 11

Accepted Solution

by:
packetguy earned 500 total points
Comment Utility
Are the users also on the 1.2.3.x network? If so, there isn't really anything you can do, since they are using layer 2, not layer 3, to communicate to the server. If they are on a different network you could configure a NAT policy in the gateway device to the 1.2.3.x network that NATs 1.2.3.4 traffic to 1.2.3.5. That's pretty ugly, though, and you might consider just taking this as an opportunity to configure all users to use a DNS name rather than a hard-coded IP address. Then you'll never have this problem again.
0
 

Author Closing Comment

by:iFroyd
Comment Utility
I agree, i have thought about many ways on how to resolve that with minimum disruption to the users, but i completely disagree in leaving users connecting to things with hard coded ips. The only reason this would be a "nice to have" it;s because i could address changing from ip to name after.

Thank you.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
This video discusses moving either the default database or any database to a new volume.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now