I'm a bit of a novice with Cisco routers, so please forgive me if I do not explain this clearly. Our company has a T1 line that connects through our Cisco 877 router. We have been given a block of public IP addresses (3 I think), but are currently only using one of these addresses. We would like to use one of the other public IP addresses for our ftp server. I already know how to port forward the traffic to the secondary IP address, like so:
ip nat inside source static tcp x.x.x.x 21 x.x.x.x 21 extendable
But, if I do this, the ip inspection rules that are being applied to the public IP address I use now (x.x.x.y) are not being applied to this connection. In particular:
ip inspect name CBAC-FTP ftp
interface FastEthernet 4 ip address x.x.x.y 255.255.255.248 .... ip inspect CBAC-FTP in
I have read that you can add a secondary ip address to the same interface. Is this what I would have to do in this situation or is there another preferred method of handling this?
interface FastEthernet 4 ip address x.x.x.y 255.255.255.248 ip address x.x.x.x 255.255.255.248 secondary (Should I do this?)
Thank you for your assistance.