I'm trying to provide a new public address to a server I maintain and I could use some help figuring out the steps.
- The machine that needs a new address
- Both NICs already in use
- Exists on two LANs and zero WANs
- Access to and from the internet is passed through a firewall over LAN 1
Server 1 is already a production server in heavy use (so I need to be careful). The firewall currently used for NAT to that box is kind of limited, and we ran out of addresses in our WAN block. The CoLo facility provided us with a new block of addresses but the firewall can't handle 2 different subnets for whatever reason. Now Server 1 needs a new IP to accommodate a new SSL certificate. As a workaround, what I would like to do is provide NAT for Server 1 via Server 2, which has direct access to the new block of public addresses.
- The machine to provide NAT / routing
- Exists on 1 LAN and 1 WAN (internet)
- Communicates directly to the world via a publicly accessible IP
- Can claim additional public IPs
- Also a live production web server
Server 1 and Server 2 both exist on LAN 1. What I would like to do is provide NAT from a new public address on Server 2 to a new local address on Server 1 and then add a route for the new interface on Server 1 to send outgoing responses through Server 2 where it is NAT'd again to appear to come from the new public address.
I've taken a couple stabs at this without much luck so if anyone can help I'm much obliged.
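One way to realize the setup described in this post, shown as an added example that is not part of the original post. It assumes both servers run Linux with iptables and iproute2; every address, interface name and table number is a constructed placeholder. The script prints the commands by default and executes them only when `APPLY=1`.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes Linux, iptables, iproute2.
# Every value below is a constructed placeholder; substitute your own.
PUB_IP=203.0.113.10      # new public address claimed on Server 2
PUB_IF=eth0              # Server 2 WAN interface (assumed name)
S2_LAN_IP=192.168.1.2    # Server 2 address on LAN 1
S1_NEW_IP=192.168.1.50   # new local address added on Server 1
S1_IF=eth0               # Server 1 interface on LAN 1 (assumed name)
LAN_NET=192.168.1.0/24   # LAN 1 subnet
PORT=443                 # only the TLS service is published
TABLE=100                # routing table used for the new address

# Print each command; execute it only when APPLY=1 (run as root).
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

server2_rules() {
    run ip addr add "$PUB_IP/32" dev "$PUB_IF"
    run sysctl -w net.ipv4.ip_forward=1
    # Inbound: rewrite the destination to Server 1's new local address.
    run iptables -t nat -A PREROUTING -d "$PUB_IP" -p tcp --dport "$PORT" \
        -j DNAT --to-destination "$S1_NEW_IP:$PORT"
    # Forward only the published port in, and only return traffic out.
    run iptables -A FORWARD -d "$S1_NEW_IP" -p tcp --dport "$PORT" -j ACCEPT
    run iptables -A FORWARD -s "$S1_NEW_IP" -m conntrack \
        --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Replies to DNAT'd connections are reverse-translated by conntrack.
    # This SNAT rule applies only to connections Server 1 itself opens from
    # the new address (permit those in FORWARD separately if wanted).
    run iptables -t nat -A POSTROUTING -s "$S1_NEW_IP" -o "$PUB_IF" \
        -j SNAT --to-source "$PUB_IP"
}

server1_rules() {
    run ip addr add "$S1_NEW_IP/24" dev "$S1_IF"
    # Source-based routing: traffic sent FROM the new address uses its own
    # table, so it returns via Server 2 instead of the existing firewall.
    run ip route add "$LAN_NET" dev "$S1_IF" table "$TABLE"
    run ip route add default via "$S2_LAN_IP" dev "$S1_IF" table "$TABLE"
    run ip rule add from "$S1_NEW_IP" lookup "$TABLE"
}

# Usage: sh nat-plan.sh server1|server2   (prefix with APPLY=1 to execute)
case "${1:-}" in
    server1) server1_rules ;;
    server2) server2_rules ;;
esac
```

The `ip rule` on Server 1 is what keeps replies from leaving through the existing firewall, which holds no NAT state for those connections.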