Solved

conditional routing with Cisco router

Posted on 2009-07-06
8
918 Views
Last Modified: 2012-06-22
Hi,
I have a Cisco 837 router.  I have a need to do conditional routing based on external IP address such that if a get traffic from that IP on a given port number I route it to a PC on the network, and if I get traffic on the same port number from another IP I route it to a second PC on the internal network.  

Can someone tell me the best way of achieving that?

regards

0
Comment
Question by:middletn
  • 4
  • 4
8 Comments
 
LVL 13

Expert Comment

by:3nerds
ID: 24785257
Are you using NAT/PAT and plan to pass this traffic through public outside to a private inside?

Regards,

3nerds
0
 
LVL 1

Author Comment

by:middletn
ID: 24785314
yes that's correct
0
 
LVL 13

Accepted Solution

by:
3nerds earned 500 total points
ID: 24785400
You can't do it. Sorry but with PAT in this case you can not separate it out.

To get the traffic to pass you will have to create a PAT rule similar to this:

ip nat inside source static tcp 192.168.10.2 443 interface Dialer1 443

and then open the port in the acl like this:

access-list 110 permit tcp any any eq 443

The problem is that you can't statically assign a port to 2 different hosts.

Regards,

3nerds



0
 
LVL 1

Author Comment

by:middletn
ID: 24785455
Hmm, yes I was struggling  with that issue, however, the router we have replaced (another cisco) does do it somehow, unfortunately we can't access that old router to see how they archived it.

Screnario is this.  They have 3 remote workers, all who use remote desktop to get to their in office PC's

regards
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 13

Expert Comment

by:3nerds
ID: 24785519
Do you have multiple outside ip addresses?

The other way I have seen it done is via a proxy type setup using an Windowns sbs 2003 server.

Regards,

3nerds
0
 
LVL 1

Author Comment

by:middletn
ID: 24785558
That could be how they did it, they do have an SBS and the network gateway points to the SBS server, so I guess that might be handling the traffic, but how I don't know

regards

0
 
LVL 13

Expert Comment

by:3nerds
ID: 24785610
The remote desktop proxy in SBS 2003 is called remote work place. Here is a link to it.

http://support.microsoft.com/kb/833983

Good Luck,

3rnerd
0
 
LVL 1

Author Closing Comment

by:middletn
ID: 31600155
Thanks
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now