• cabling news
  Newsletter Industry News Our Site News
• help
  Home Cabling Guide Cabling FAQ Free Helpdesk Forums Learn Cabling
• resources
  Color Codes Pin Layouts Links E-books Bookstore Online Tools Downloads
• this site
  Home Page Contact us Advertise Here Link to us
• this page
  Bookmark It! Print
• +

Cisco Systems ip nat inside and outside at the same time.

Bookmark this page:   Yahoo!   Google   Windows Live   del.icio.us   digg   Netscape

Subject Author Date ip nat inside and outside at the same time. AM 11-08-05

Posted by AM on November 8, 2005, 6:42 pm Please log in for more thread options Ok, my goal is to do something like redirection. I mean I would like to use a Cisco router as a redirecter that forwards all traffic arriving on a specific address to another host. Please find the most important statements of the configuration on rtr A (got from scratch) below: interface Vlan1 ip address 192.168.250.1 255.255.255.0 ip nat outside ip virtual-reassembly ip tcp adjust-mss 1452 ip route 0.0.0.0 0.0.0.0 192.168.250.3 ip nat inside source static 192.168.250.3 10.10.10.10 ip nat outside source static 192.168.200.1 192.168.250.1 The topology is as follows router A (Vlan1)-----------(Eth2)router B(Eth0)-------------(Eth)PC Eth-PC                        192.168.200.1/24 Eth0-rtrB                192.168.200.253/24 Eth2-rtrB                192.168.250.3/24 Vlan1-rtrA                192.168.250.1/24 on router B I have this statement ip route 10.10.10.10. 255.255.255.255 192.168.250.1 What the rtrA is expected to do by me is to translate the destination address from 10.10.10.10 to 192.168.250.3 and at the same time (say a bit later) to change source address from 192.168.200.1 in to 192.168.250.1. So while sending icmp packets to 10.10.10.10 it receives the same exact packets from 192.168.250.1 after being translated. This is what is happens on rtrA when from the PC I try to ping 10.10.10.10 yourname(config)# *Mar 3 05:39:48.798: NAT*: o: icmp (192.168.200.1, 1024) -> (10.10.10.10, 1024) [41569] *Mar 3 05:39:48.798: NAT*: o: icmp (192.168.200.1, 1024) -> (10.10.10.10, 1024) [41569] *Mar 3 05:39:48.798: NAT*: s=192.168.200.1->192.168.250.1, d=10.10.10.10 [41569] *Mar 3 05:39:48.798: NAT*: s=192.168.250.1, d=10.10.10.10->192.168.250.2 [41569] *Mar 3 05:39:54.026: NAT*: o: icmp (192.168.200.1, 1024) -> (10.10.10.10, 1024) [41605] *Mar 3 05:39:54.026: NAT*: s=192.168.200.1->192.168.250.1, d=10.10.10.10 [41605] *Mar 3 05:39:54.026: NAT*: s=192.168.250.1, d=10.10.10.10->192.168.250.2 [41605] *Mar 3 05:39:59.026: NAT*: o: icmp (192.168.200.1, 1024) -> (10.10.10.10, 1024) [41612] *Mar 3 05:39:59.026: NAT*: s=192.168.200.1->192.168.250.1, d=10.10.10.10 [41612] *Mar 3 05:39:59.026: NAT*: s=192.168.250.1, d=10.10.10.10->192.168.250.2 [41612] *Mar 3 05:40:04.038: NAT*: o: icmp (192.168.200.1, 1024) -> (10.10.10.10, 1024) [41619] *Mar 3 05:40:04.038: NAT*: s=192.168.200.1->192.168.250.1, d=10.10.10.10 [41619] *Mar 3 05:40:04.038: NAT*: s=192.168.250.1, d=10.10.10.10->192.168.250.2 [41619] yourname(config)# yourname(config)# yourname(config)#do sh ip nat tra Pro Inside global Inside local Outside local Outside global --- --- --- 192.168.250.1 192.168.200.1 icmp 10.10.10.10:1024 192.168.250.2:1024 192.168.250.1:1024 192.168.200.1:1024 --- 10.10.10.10 192.168.250.2 --- --- yourname(config)# yourname(config)# yourname(config)# *Mar 3 05:41:04.482: NAT: expiring 10.10.10.10 (192.168.250.2) icmp 1024 (1024) yourname(config)# It seems to me that the rtrA makes correctly the translation but I don't get any response on PC. Is it correct or maybe there is another way to do what I want? In some way I would do some sort of "proxy". I reported an example with icmp protocol but it will be used with tcp and udp protocol. I tried with telnet but it didn't work too. Many thanks and sorry for the long post. Alex.

Similar Threads	Posted
ip nat inside and outside at the same time.	November 8, 2005, 6:42 pm
Configuring an inside nat group on inside interface	April 10, 2006, 4:38 pm
Cisco 837 - how to set up Inside to Inside NAT for DNS resolution?	May 23, 2006, 2:00 pm
keep getting a time out	March 12, 2007, 6:46 pm
QoS by time?	December 3, 2007, 2:05 am
time-range and PIX	October 6, 2005, 11:16 am
tcp app response time	December 22, 2006, 8:13 am
Time Changing	January 25, 2007, 6:27 am
Time Changing	January 25, 2007, 6:27 am
Time Changing	January 25, 2007, 6:27 am
How many of you Failed the 640-801 First Time?	April 14, 2007, 10:32 pm
Etherchannel plus routing at the same time?	July 25, 2005, 12:36 pm
ADSL - Response-time	January 8, 2006, 4:01 pm
time-range performance	February 11, 2006, 10:03 pm
WebVPN URL getting time out error	May 3, 2006, 6:39 pm

Contact Us | Privacy Policy