One ftp server, 3 internet IP

Discussion in 'Cisco' started by Jean-Claude, Jun 10, 2005.

  1. Jean-Claude

    Jean-Claude Guest

    Hi,

    My question is a bit tricky, I need your points on this.

    First, please have a look at the small diagram I've posted there.

    http://cjoint.com/?gkn1qtXQQj

    What is missing from the "Red Line" to have it working? Basically, the end
    users decides which IP he wants to use for ftp files to the server. Teh end
    customer decides it himself with prior notice.

    The ftp server has only one default gateway. So, we need something in front
    of the ftp to detect from which PIX the connection is coming and then to
    force the packets to keep using the same PIX for coming back.

    Dynamic routing does ot apply here since the end user decides really himself
    the path

    Thank you!

    JC
     
    Jean-Claude, Jun 10, 2005
    #1
    1. Advertising

  2. In article <>, Jean-Claude <> wrote:
    [3 different PIX connected to a single network]

    :The ftp server has only one default gateway. So, we need something in front
    :eek:f the ftp to detect from which PIX the connection is coming and then to
    :force the packets to keep using the same PIX for coming back.

    If it is not important that the FTP server itself be able to log the
    original IP address of the user, then what you can do is tell
    each of the PIXes to nat the *source* addresses to an IP address
    range that is specific to the PIX.

    For example, you could nat the Equant sources to 192.168.14.x,
    the Cold to 192.168.45.x, and the MCI to 192.168.89.x .

    Your LAN router would direct outgoing packets with these destinations
    back to the appropriate PIX. The PIX would recognize that destination IP
    was NAT'd and would un-NAT the destination back to the original source
    address that was on the packet that was incoming.


    This process does not work if you need the inside machines to see
    the -original- source IP addresses (e.g., for authentication
    purposes.)
    --
    Studies show that the average reader ignores 106% of all statistics
    they see in .signatures.
     
    Walter Roberson, Jun 10, 2005
    #2
    1. Advertising

  3. Jean-Claude

    Jean-Claude Guest

    Not sure I get this one. Well, The, what about the default gateway to add to
    the server then?

    You mean by your answer that the PIX "keep in memory" who asked the NAT?

    No, no, no - I can get it.

    If the user comes from the COLT link, how the server knows it has to reply
    the packets to the PIX connected to the COLT backbone and not MCI?

    Thanks ;) I do understand quick but the teacher has to explain slowly ;-)

    JC
     
    Jean-Claude, Jun 10, 2005
    #3
  4. Jean-Claude

    Jean-Claude Guest

    Ok, I hide nat the Internet clouds. Good idea ;-)

    JC
     
    Jean-Claude, Jun 10, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jean-Claude

    One ftp server, 3 internet IP

    Jean-Claude, Jun 10, 2005, in forum: Cisco
    Replies:
    0
    Views:
    375
    Jean-Claude
    Jun 10, 2005
  2. Frosty

    ftp://ftp.isc.org

    Frosty, Nov 22, 2006, in forum: Computer Support
    Replies:
    2
    Views:
    1,233
  3. Mike Easter

    Why can't I access ftp://ftp.isc.org/ ?

    Mike Easter, Mar 14, 2007, in forum: Computer Support
    Replies:
    10
    Views:
    992
    Vanguard
    Mar 15, 2007
  4. Replies:
    1
    Views:
    596
    Lutz Donnerhacke
    Sep 13, 2007
  5. inventor1984
    Replies:
    4
    Views:
    1,789
    Dave \Crash\ Dummy
    Dec 21, 2009
Loading...

Share This Page