Can I set up NAT for the same service, two public IPs on different routers to the same private IP?

Posted by James on Server Fault
Published on 2010-03-16T06:34:14Z


This might be needlessly complex, but here goes.

I've got two Firebox x550e devices. The first has a local IP of 10.0.0.1, public IP 64.x.x.x. The second has a local IP of 10.0.0.10, public IP 70.x.x.x.

There is an FTP server on our LAN with a private IP of 10.0.0.55. I've set up NAT rules in each of the Fireboxes: on the first Firebox it is 64.x.x.x->10.0.0.55 tcp 21, on the second 70.x.x.x->10.0.0.55 tcp 21.

The first rule works fine. I can ftp to 64.x.x.x and everything's good. The second rule doesn't work. ftp to 70.x.x.x results in a connection timeout. The second firebox logs say the connection is being allowed through.

The default gateway on the FTP server is 10.0.0.1 (the first Firebox). If I change the default gateway on the server to 10.0.0.10, the rule on the second Firebox starts working, but the rule from the first Firebox stops.

Is there some way to make this work for both rules?
