Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

One WAN IP, multiple LAN IP's

Posted on 2010-11-29
9
Medium Priority
?
956 Views
Last Modified: 2012-05-10
I have a Netgear residential-class router, a single WAN IP, and multiple servers running on an ESX host.

My goal is to have subdomains that point to different internal addresses. For example:
hw points to 10.0.0.10 (an ILO card)
www. points to 10.0.0.14 (IIS server)
mail. points to 10.0.0.16 (exchange server)
etc

While some of these can be achieved through port forwarding, I can not change all the servers running port 80.

The root domain / www. subdomain need to remain on 80, but the hw. subdomain would point to an embedded ILO controller on the server. This service runs on a unique internal IP on port 80, and I can not change it. The goal behind this is that even in the event of a power failure that exhausts our UPS's capacity, once power is restored we could remote in and power everything back up without having to touch the hardware.

Effectively this question comes down to how can I route to multiple servers on a single public IP address with a simple router?

I will have a 2008 R2 domain controller in this environment, that will have DNS features enabled. Is there a function of 2008 R2 that could do a reverse-proxy?

I could assign a DMZ IP on my router to point to a vSwitch in the ESX host, but that doesn't do any good for getting to the ILO card.

Will I end up needing to buy a router that can be programmed for NAT?

I know just enough to be dangerous with this technology and am trying to find the best solution.
0
Comment
Question by:vopakit
  • 4
  • 3
  • 2
9 Comments
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 34236136
Question:  If this is a business, why are you using a residential class router?  This seems like a bad idea too me...  A Business Class Router should be able to handle Multiple IPs and even Multiple WAN connections.
0
 
LVL 42

Expert Comment

by:Paul Solovyovsky
ID: 34236144
I agree with leew. Should be able to get a cheap 5 IP block business class for as low as $50 month.
0
 

Author Comment

by:vopakit
ID: 34236169
It's not a business, it's a home system. I travel, a lot, and am rarely here. Failures almost always occur when no one is home - usually for a week or so at a time. Unfortunately I don't make enough to afford multiple static IP's.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 34236195
When you're not using business class equipment, you're more prone to failures.

Why do you think your router can't do NAT?  All netgear routers I've seen do.
0
 

Author Comment

by:vopakit
ID: 34236208
It's a WNDR3700... the only options I can find are a single DMZ address and port forwarding. I haven't found any options for creating a NAT table. Have I overlooked something?
0
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 1000 total points
ID: 34236234
Maybe I'm misunderstanding you...

You have - and can only get - ONE public IP.

You want that IP to be split between hosts - FOR EXAMPLE:
(Service - Server IP)
SMTP 192.168.1.10
HTTP 192.168.1.11
iLO 192.168.1.20
HTTPS 192.168.1.11
Etc.

Then you need to port forward to the appropriate addresses.
The following is a link that describes doing so for SMTP - change the port as necessary for other services:
http://portforward.com/english/routers/port_forwarding/Netgear/WNDR3700/SMTP.htm

NOTE: Some things you simply will not be able to do without a second IP OR running things on non-standard ports.  For example, if you want a web server separate from the Exchange server (with OWA), then either the OWA web service OR the web server will need to be on a different port - one on 80 another on 8080 or 10080 or 15412 or whatever.  (Of course, you could use host headers and have JUST the exchange server be your web server as well).

By the way, doesn't your ISP block port 80 and 25 on residential lines?  
0
 

Author Comment

by:vopakit
ID: 34236257
I think what I'm going to do is just set auto power-up, configure boot times to allow everything to come up normally, pick the most common systems to keep default ports and forward out the rest. I can always just RDP in to do anything else.

After calling in and using the right phrases, my ISP has unblocked all inbound ports. Most are obligated to open traffic if you complain enough.

I should be able to drop the OWA portion of exchange on to the IIS server, so I guess for the time being it'll just be connected to my DMZ and I'll work with that.

I knew this was a long-shot at best. Hopefully there's a raise in my future and I can get a block of IP's to set everything up the way I'd truly like it.

Thanks for all your feedback!
0
 

Author Closing Comment

by:vopakit
ID: 34236259
Sometimes it just can't be done.
0
 
LVL 42

Expert Comment

by:Paul Solovyovsky
ID: 34236336
ILO uses http/https.  You'll have to configure it on a different port if you're going to use 80 and 443 for other servers
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello to you all, I hear of many people congratulate AWS (Amazon Web Services) on how easy it is to spin up and create new EC2 (Elastic Compute Cloud) instances, but then fail and struggle to connect to them using simple tools such as SSH (Secure…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question