Solved

routing

Posted on 2014-12-17
17
107 Views
Last Modified: 2015-01-06
when someone says that they want to point a router to a specific PI server, or any server at that, are they talking about providing a permit access (acl) from and interface to the server or from subnets on the router to the server? or is this something else?
0
Comment
Question by:Shark Attack
  • 7
  • 6
  • 2
  • +1
17 Comments
 
LVL 3

Expert Comment

by:vipelite
ID: 40505964
What is a PI server? Sounds like they want to filter all traffic through the server like a proxy-server.
0
 
LVL 1

Author Comment

by:Shark Attack
ID: 40505986
its DMZ servers.

I would assume that all they want is to create ACLs permitting traffic? Or how else would I pointed from router to the server
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40505988
when someone says that they want to point a router to a specific PI server
Do you mean "IP" server?  

If so, I don't know that I've really heard it expressed like that.  Generally, routers don't "point" to a server.  They have "routes" to networks.

Can you elaborate as to what you're looking for?
0
 
LVL 1

Author Comment

by:Shark Attack
ID: 40505998
I will gather more info tomorrow and clarify.
0
 
LVL 3

Expert Comment

by:vipelite
ID: 40506000
If those are DMZ servers - they want to proxy your outbound traffic that leaves the router to filter through the server. For example, web-proxy or a snort device to filter through to the internet.

Unless they are literally asking to point a router to a server connect it directly and make sure they are both on the same subnet. which I highly doubt.
0
 
LVL 1

Author Comment

by:Shark Attack
ID: 40506028
these are new dmz servers. if thats the case, this should have been configured for the old dmz servers as well. how could i check the config for that? i do know the old ips for the dmz servers. how can i check how the router is currently configured for the old dmz servers. if they're saying that thats the case then will see. any ideas?
0
 
LVL 3

Expert Comment

by:vipelite
ID: 40506032
What's the make/model of the router?
0
 
LVL 1

Author Comment

by:Shark Attack
ID: 40506036
cisco 2811 Version 12.4
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 3

Expert Comment

by:vipelite
ID: 40506039
sh run | s x.x.x.x
where x = old server ip
or sh run | s x.x.x
where x = old server ip instead of searching the whole ip you can search the first 3 octets.
0
 
LVL 1

Author Comment

by:Shark Attack
ID: 40506048
so there is an access list permit statement from 172.28.5.40 to the dmz server. so i guess its just a traffic permit? thats all they're talking about?
0
 
LVL 3

Expert Comment

by:vipelite
ID: 40506054
Yup, just allow the new servers to what's current.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 40506302
They are referring to static NAT (Port Forwarding)

They want you to direct (forward) a port on your router for traffic from your public IP to point to the IP address of a server
eg traffic request to 10.10.10.10:80 can be forwarded to a server with IP 192.168.1.1.
0
 
LVL 1

Author Comment

by:Shark Attack
ID: 40507466
how can i do that? I will need to do static NAT with port forwarding RDP 3389
0
 
LVL 3

Expert Comment

by:vipelite
ID: 40507578
Provide the following output:
sh run | s nat
sh run | s 172.28.5.40
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40508180
So... what's a "PI" server?
0
 
LVL 1

Author Comment

by:Shark Attack
ID: 40508232
they have DMZ servers and on those DMZ's they had Pi servers which are some sort of data collecting/reporting application. I guess thats why PI server is, some sort of data reporting collecting app.
0
 
LVL 18

Accepted Solution

by:
Akinsd earned 500 total points
ID: 40510488
http://www.osisoft.com/software-support/products/PI_Server.aspx

Let's assume some things Your PI Server's local IP address is 192.168.1.1 and operates on port 5555
public IP address is 10.10.10.10

Your nat statement will be
ip nat inside source static tcp 192.168.1.1 5555 10.10.10.10 5555
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now