Just a bit of explanation. E0 interface is for inside network (LAN interface). E1 is for outside (ISP or WAN physical interface). Dialer1 is for PPPoE (the "actual"/logical WAN interface). The 1.0.0.13 is ISP provided static IP address for the use of the server. This configuration example is for running FTP server, which uses the standard TCP port 20 and 21.
The LAN uses 10.10.10.0 network with 255.255.255.0 subnet for both servers and workstations. All servers within the LAN use static IP address. The router is configured as DHCP server to give out IP info (IP addresses, subnet mask, DNS) to workstations that are configured as DHCP client.
Basically I suggest that you deploy NAT (Network Address Translation) and PAT (Port Address Translation) to setup your own servers behind Cisco router. The NAT is used to translate the ISP's given static IP address to your local IP address. The PAT is used to translate TCP ports (the port 20 and 21) between the two IP addresses.
When using NAT/PAT, keep in mind that the Internet-accessible servers are seen from the Internet as their NAT/PAT-ed IP address (the Public IP address) and not the local IP address (not the Private IP address). This understanding is very important when you or someone need to test connectivity to the server and/or when you need to create filter (access list or ACL for short) to allow only certain incoming traffic from the Internet and block others.
Side Note:
For more info on NAT/PAT concept, check out the following FAQ
»
Cisco Forum FAQ »
NAT and PAT; Introduction and ImplementationsInstruments used in this illustration are pretty much standard for running your own servers. Please note that IP addresses, username, and password are changed. However, you could always modify the configuration to suit your situation.
This sample configuration assumes that you have a block of IP from ISP. There is a dedicated Public IP address for the router WAN interface (the Dialer1 interface) and another dedicated Public IP address for the server PAT IP address. If you only have a single Public IP address for both router WAN interface and server PAT IP address, there are several ways to configure the router.
One way is to use the same command as shown in sample configuration.
view plaincopy to clipboardprint?
- ip nat source static tcp 10.10.10.2 21 1.1.1.14 21 extendable
ip nat source static tcp 10.10.10.2 21 1.1.1.14 21 extendable
This one configuration way is suitable when you have static IP address from your ISP and you know exactly what the IP address is. In this case you have the 1.1.1.14 single static IP address for both the WAN interface and Public server IP address.
When you are unsure which IP address you receive from the ISP, or when your Public IP address keep changing; then another way to configure the static PAT is following
view plaincopy to clipboardprint?
- ip nat source static tcp 10.10.10.2 21 interface Dialer1 21 extendable
ip nat source static tcp 10.10.10.2 21 interface Dialer1 21 extendable
With situation of dynamic IP address, at some point you still need to know the exact Public IP address you receive from your ISP for server connection testing and production time. To find out, you can issue
show ip interface brief command on the router. You will then see the associated WAN interface Public IP address.
×