I have a Cisco router with static NATs configured. The NATs reference an internal reserved 192.168.1.0 network. My question is should I be able to form a socket connection from the 192 network by referencing the NAT'ed IP address. The client and server are on the same subnet.
Note: I can connect from the 192 netted client to the 192 netted server with the IP address referenced via the static NAT (the 192).
Thanks
I have a Cisco router with static NATs configured. The NATs reference an internal reserved 192.168.1.0 network. My question is should I be able to form a socket connection from the 192 network by referencing the NAT'ed IP address. The client and server are on the same subnet.
Note: I can connect from the 192 netted client to the 192 netted server with the IP address referenced via the static NAT (the 192).
Thanks
I have a Cisco router with static NATs configured. The NATs reference an internal reserved 192.168.1.0 network. My question is should I be able to form a socket connection from the 192 network by referencing the NAT'ed IP address. The client and server are on the same subnet.
Note: I can connect from the 192 netted client to the 192 netted server with the IP address referenced via the static NAT (the 192).
Thanks
No, NAT only takes effect when going from inside to outside or vice versa. Remember, when you're setting up NAT you have to designate interfaces as "ip nat inside" or "ip nat outside". An outside address is only in effect for packets going through the outside interface.
Barry and others,
Please bear with me, but I would like to expound on my question in case I didn't explain it properly the first time.
I have two servers running NLB behind my "ip nat inside" (192.168.1.x) router interface. I also have Internet IP addresses in the range
71.125.24.x on my routers "ip nat outside" interface. One of the static nat(s) on the router is "ip nat inside source static tcp 192.168.1.90 71.125.24.x".Question: Why can I ping the external IP address 71.125.24.x, referenced by the static nat, from the 192 network while not being able to telnet to that same IP address? The ping seems to loopback thru the router. Is there something that I can configure on the router which will allow telnet to also loopback?
I forgot to mention that I can telnet to the IP address (71.125.24. x) and port in question from the Internet. Do I need to configure an ACL, or something, so that the 192 network can access itself by referencing the statically NATed 71.125.24.x?
The NAT commands that I am using on the router are: (ip nat inside) (ip nat outside) (ip nat inside source static tcp IPAddr IPAddr)
Tx Peter
I removed all of the 'ip access-group' statements from the router's interfaces and still couldn't telnet to an externally NATed IP address, which point in to our local network, from within. At the same time, I was able to connect via the Internet to these same NATed IP addresses.
The reason that I keep pressing is because my boss has someone telling him that this does/should work and I am stuck either making work or disproving the person.
Any advice?
I don't think Cisco has ever supported this in their NAT implementation.
There may be some special casing of ping going on, which would explain why your ping test succeeded but everything else fails.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.