Help in NAT Outside-to-Inside issue

  • Help in NAT Outside-to-Inside issue

    Hi,

    I want to create a connection wherein the traffic is from NAT outside to inside, with the outside initiating the traffic.

    The setup would be that Host A is in the inside and Host B and Host C are located outside.

    Both Host B and Host C should be able to connect to Host A, with traffic initialization coming from either Host B or Host C.

    I have included a general overview of the connection in the attachment.
    I tried using the dynamic NAT but it's not applicable since the connection is being initiated from outside.

    Could anyone help on how to setup the connection with the given requirements?

    The NAT router is Cisco 7206VXR.

    Thank you in advance....

  • #2
    Re: Help in NAT Outside-to-Inside issue

    Not sure why you want to set this up this way. The only reason I can think of is that the outside hosts share a common network with your inside hosts, usually from a company merger, etc. So my question is: why use NAT at all? Just use your routing table to route the traffic, etc.


    Is the outside coming from the internet or some other untrusted network?
    Last edited by auglan; 23rd January 2012, 13:45.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)



    • #3
      Re: Help in NAT Outside-to-Inside issue

      hi auglan...

      Yeah, Host B and C are on an untrusted network (3rd party company). B and C are two different services, therefore in different networks. These hosts then need to connect to one server, Host A (not simultaneously) for the UAT/DEV testing.



      • #4
        Re: Help in NAT Outside-to-Inside issue

        Host A

        ip nat outside source static 2.2.2.1 10.10.10.3


        Host B

        ip nat outside source static 3.3.3.1 100.100.100.3


        Remember the order of operations regarding nat outside and nat inside.

        When using nat outside, the address first gets NAT'd then routed, and nat inside gets routed first then NAT'd. If there is no route in the RIB, the packet will get dropped.

        ip route 10.10.10.3 255.255.255.255 2.2.2.1

        ip route 100.100.100.3 255.255.255.255 3.3.3.1



        Or you could use the add-route option after the static nat statements. This will put host routes in the routing table.
        Last edited by auglan; 25th January 2012, 13:44.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)
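
The order of operations described in post #4, as an added example that is not part of the original thread: a simplified Python model (not IOS itself) showing why the reply toward the outside local address is dropped until a host route exists. The Host A address, the connected networks and all function names are assumptions made for the illustration; the NAT pairs are the ones from the post.

```python
import ipaddress

# Addresses from post #4: outside global -> outside local.
OUTSIDE_SOURCE_STATIC = {"2.2.2.1": "10.10.10.3", "3.3.3.1": "100.100.100.3"}
HOST_A = "192.168.1.10"  # assumption: the thread never gives Host A's inside address

# Assumed connected networks only; no route covers the outside local addresses.
BASE_RIB = {"192.168.1.0/24": "inside", "2.2.2.0/24": "outside", "3.3.3.0/24": "outside"}
# What the two `ip route` lines (or add-route) contribute: /32 routes out the outside side.
WITH_HOST_ROUTES = {**BASE_RIB, "10.10.10.3/32": "outside", "100.100.100.3/32": "outside"}


def lookup(rib, dst):
    """Longest-prefix match; returns the egress side, or None when no route exists."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p).prefixlen, side) for p, side in rib.items()
            if addr in ipaddress.ip_network(p)]
    return max(hits)[1] if hits else None


def outside_to_inside(rib, src, dst):
    """Packet arriving on the outside: source is translated first, then routed."""
    src = OUTSIDE_SOURCE_STATIC.get(src, src)
    side = lookup(rib, dst)
    return (src, dst, side) if side else None  # None means dropped


def inside_to_outside(rib, src, dst):
    """Reply from the inside: routed first on the untranslated destination, then NAT."""
    side = lookup(rib, dst)
    if side is None:
        return None  # no route in the RIB: dropped before NAT is ever consulted
    if side == "outside":  # translation applies only when the packet exits the outside
        reverse = {local: glob for glob, local in OUTSIDE_SOURCE_STATIC.items()}
        dst = reverse.get(dst, dst)
    return (src, dst, side)


if __name__ == "__main__":
    print(outside_to_inside(BASE_RIB, "2.2.2.1", HOST_A))
    print(inside_to_outside(BASE_RIB, HOST_A, "10.10.10.3"))
    print(inside_to_outside(WITH_HOST_ROUTES, HOST_A, "10.10.10.3"))
```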
