Announcement

Collapse
No announcement yet.

General routing question

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • General routing question

    Hello! I'm trying to setup a router on my network to route traffic through to an internal device. I've got a pretty decent understanding of networking but there is something I am missing to get my setup to work.

    I'm trying to route traffic like this:

    Gateway(Comcast business modem) --> Cisco 881 router (Static IP) --> End device(Citrix server)

    I've got a static IP route-able IP for the router. I need to pass traffic through the router to one specific private address and no other address.

    Right now I've got the WAN interface setup correctly with the right IP and I can ping it. I've setup a Vlan with an IP of the private address of our network and I can ping that through the WAN interface.

    What I need now I guess is to figure out how to point all traffic coming in on the WAN interface to route to a given IP.

    Thanks!

  • #2
    Re: General routing question

    Since yo are trying to get public, routable traffic into a private network, you'll need to configure port forwarding. I would suggest you only forward on specific ports and not expose the server entirely.
    JM @ IT Training & Consulting
    http://www.itgeared.com

    Comment


    • #3
      Re: General routing question

      Thanks, I can definitely port forward as needed.

      I am eventually setting up Citrix Access gateway. I haven't got that far though.. Just figuring out how I would get the traffic where it needs to go.

      Comment


      • #4
        Re: General routing question

        You will need an access list entry permitting traffic from the outside to the server (acl will have your public ip address)


        access-list 100 permit ip any host x.x.x.x (your public ip)

        Lock down the access list to only the specific ports you need


        Then you need a static nat statement to translate the public ip to your private range. Once again narrow it down to specific ports (tcp etc)


        ip nat inside source static 192.168.1.20 X.X.X.X (X=your public ip)

        You could also just specify your outside interface it you have only 1 public ip

        ip nat inside source static 192.168.1.20 interface fa0/
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: General routing question

          Great info! That's what I am looking for. I should also mention my private addresses are class c addresses. 206.22.X.X, so they should be route-able within my network. They are not however real addresses.

          Not sure if that will change anything. But I'll go ahead and try these instructions.

          Comment


          • #6
            Re: General routing question

            Actually 206.x.x.x is a class C address but its not part of the private address ranges per the RFC.


            10.0.0.0 - 10.255.255.255
            Addresses: 16,777,216

            172.16.0.0 - 172.31.255.255
            Addresses: 1,048,576

            192.168.0.0 - 192.168.255.255
            Addresses: 65,536
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment


            • #7
              Re: General routing question

              I have a netowrk where I am using 02 Cisco 3945 router to connect to my 02 3750 switch with complete redundancy so I need some suggestions regarding configuration

              Comment

              Working...
              X