1. Home
  2. Cisco Systems
  3. Multiple external IPs on SOHO97

Multiple external IPs on SOHO97

Hi,

I have a SOHO97 and was previously using it with a single external IP address (83.216.145.213) from my ISP (Metronet).

I've just upgraded to 8 static address, details as follows:

IP Range: 84.51.160.72 - 84.51.160.79 Router IP: 84.51.160.78 Other usable ips: 84.51.160.73 - 84.51.160.77 Subnet Mask: 255.255.255.248

I'm guessing that if I leave my configuration as it is but change the router IP (dynamically allocated but static) then everything will work as it did previously.

On the premise that the above assumption is correct, I just need to work out how to add the other external ips so I can use them for different hosts within my network using NAT translation.

e.g. 84.51.160.73 -> 192.168.1.35 etc.

Any help or pointers to HowTos would be gratefully appreciated.

R.

Reply to
Robin Bowes
Loading thread data ...

Anyone able to help me with this?

To recap:

I've got a range of IP address from my ISP (details listed below).

Taking just one of my range of IPs as an example, I'd like to route incoming traffic on 84.51.160.73 to an internal server on 192.168.1.60. Specifically, mail (smtp), IMAP, ssh, and web (http), i.e. prots

25,113,22, and 80.

I'm pretty sure this should be relatively straight-forward to do but I'm afraid I don't know IOS well enough to work it out.

Can anyone help?

Thanks,

R.

Current Config: ===============

Current configuration : 6173 bytes ! version 12.3 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname cisco-soho97 ! no logging buffered enable secret 5 ! username admin password 7 username CRWS_Kannan privilege 15 password 7 username CRWS_Sangeetha privilege 15 password 7 username CRWS_Venky privilege 15 password 7 username CRWS_Shashi privilege 15 password 7 username CRWS_dheeraj privilege 15 password 7 username CRWS_Srini privilege 15 password 7 username CRWS_Vijay privilege 15 password 7 ip subnet-zero ip domain name robinbowes.com ip name-server 192.168.1.5 ip dhcp excluded-address 192.168.1.249 ip dhcp excluded-address 192.168.1.60 ip dhcp excluded-address 192.168.1.50 ip dhcp excluded-address 192.168.1.30 ip dhcp excluded-address 192.168.1.4 ip dhcp excluded-address 192.168.1.35 ! ! ip inspect name myfw cuseeme timeout 3600 ip inspect name myfw ftp timeout 3600 ip inspect name myfw rcmd timeout 3600 ip inspect name myfw realaudio timeout 3600 ip inspect name myfw smtp timeout 3600 ip inspect name myfw tftp timeout 30 ip inspect name myfw udp timeout 15 ip inspect name myfw tcp timeout 3600 ip inspect name myfw h323 timeout 3600 no aaa new-model ! ! ! ! partition flash 2 6 2 ! ! ! ! interface Ethernet0 description CRWS Generated text. Please do not delete this:192.168.1.1-255.255.255.0 ip address 192.168.1.1 255.255.255.0 ip nat inside ip tcp adjust-mss 1452 hold-queue 100 out ! interface ATM0 no ip address atm vc-per-vp 64 no atm ilmi-keepalive pvc 0/38 pppoe-client dial-pool-number 1 ! dsl operating-mode auto ! interface Dialer1 ip address negotiated ip access-group 111 in ip mtu 1492 ip nat outside ip inspect myfw out encapsulation ppp ip tcp adjust-mss 1452 dialer pool 1 dialer remote-name redback dialer-group 1 ppp authentication pap chap callin ppp chap hostname ppp chap password 7 ppp pap sent-username password 7 ! ip nat inside source list 102 interface Dialer1 overload ip nat inside source static udp 192.168.1.35 6881 interface Dialer1 6881 ip nat inside source static tcp 192.168.1.35 6881 interface Dialer1 6881 ip nat inside source static tcp 192.168.1.30 6969 interface Dialer1 6969 ip nat inside source static udp 192.168.1.30 50000 interface Dialer1 50000 ip nat inside source static tcp 192.168.1.60 113 interface Dialer1 113 ip nat inside source static udp 192.168.1.4 4672 interface Dialer1 4672 ip nat inside source static tcp 192.168.1.4 4662 interface Dialer1 4662 ip nat inside source static udp 192.168.1.4 1580 interface Dialer1 1580 ip nat inside source static tcp 192.168.1.4 1580 interface Dialer1 1580 ip nat inside source static tcp 192.168.1.60 22 interface Dialer1 22 ip nat inside source static tcp 192.168.1.50 993 interface Dialer1 993 ip nat inside source static tcp 192.168.1.50 585 interface Dialer1 585 ip nat inside source static tcp 192.168.1.60 143 interface Dialer1 143 ip nat inside source static tcp 192.168.1.60 53 interface Dialer1 53 ip nat inside source static udp 192.168.1.60 53 interface Dialer1 53 ip nat inside source static tcp 192.168.1.30 50000 interface Dialer1 50000 ip nat inside source static tcp 192.168.1.4 8080 interface Dialer1 8080 ip nat inside source static tcp 192.168.1.30 3389 interface Dialer1 3389 ip nat inside source static tcp 192.168.1.50 80 interface Dialer1 80 ip nat inside source static tcp 192.168.1.60 25 interface Dialer1 25 ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ip route 192.168.4.0 255.255.255.0 Ethernet0 192.168.1.4 no ip http server no ip http secure-server ! access-list 23 permit 192.168.1.0 0.0.0.255 access-list 23 permit 10.10.10.0 0.0.0.255 access-list 23 permit 192.168.4.0 0.0.0.255 access-list 102 permit ip 192.168.1.0 0.0.0.255 any access-list 111 permit tcp any any eq smtp access-list 111 permit tcp any any eq www access-list 111 permit tcp any any eq 3389 access-list 111 permit tcp any any eq 8080 access-list 111 permit tcp any any eq 50000 access-list 111 permit udp any any eq domain access-list 111 permit tcp any any eq domain access-list 111 permit tcp any any eq 143 access-list 111 permit tcp any any eq 585 access-list 111 permit tcp any any eq 993 access-list 111 permit tcp any any eq 22 access-list 111 permit tcp any any eq 1580 access-list 111 permit udp any any eq 1580 access-list 111 permit tcp any any eq 4662 access-list 111 permit udp any any eq 4672 access-list 111 permit tcp any any eq ident access-list 111 permit udp any any eq 50000 access-list 111 permit tcp any any eq 6969 access-list 111 permit tcp any any eq 6881 access-list 111 permit udp any any eq 6881 access-list 111 permit icmp any any administratively-prohibited access-list 111 permit icmp any any echo access-list 111 permit icmp any any echo-reply access-list 111 permit icmp any any packet-too-big access-list 111 permit icmp any any time-exceeded access-list 111 permit icmp any any traceroute access-list 111 permit icmp any any unreachable access-list 111 permit udp any eq bootps any eq bootpc access-list 111 permit udp any eq bootps any eq bootps access-list 111 permit udp any eq domain any access-list 111 permit esp any any access-list 111 permit udp any any eq isakmp access-list 111 permit udp any any eq 10000 access-list 111 permit tcp any any eq 1723 access-list 111 permit tcp any any eq 139 access-list 111 permit udp any any eq netbios-ns access-list 111 permit udp any any eq netbios-dgm access-list 111 permit gre any any access-list 111 deny ip any any dialer-list 1 protocol ip permit ! line con 0 exec-timeout 120 0 no modem enable stopbits 1 line aux 0 line vty 0 4 access-class 23 in exec-timeout 120 0 login local length 0 ! scheduler max-task-time 5000 ! end

Robin Bowes said the following on 10/11/2005 11:29:

Reply to
Robin Bowes

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.