I am not a Cisco Certified Anything, but I’ve occasionally needed to tweak router configurations and/or troubleshoot problems related to monitoring the correct application, on the correct ip address, on the correct port, etc., and I’ve picked up a few basic concepts that anyone managing a web application should know.

The typical configuration these days is to have a router AND firewall such as the Cisco Adaptive Security Appliance (ASA) previously known as a PIX. Both devices run the Cisco IOS and may support the same basic commands I will detail below for purposes of setting up network address translation. But you should not be “setting up” anything…you are sitting there with the login information to the router and your new responsibility of keeping it running until the economy improves and you can hire back a network engineer.

The router will have an “outside” network–the public address space for your website. For example, if you ping www.heroix.com, you will see an address like 206.159.134.200. If you were “inside” the company, on the same private network as the web server (or load balancer) you would find the server responding with an address like 10.10.10.200. One of the jobs of the router or firewall is to translate that public address to the private address and allow only certain traffic (e.g. web browsers loading your pages) to pass.