Announcement

Collapse
No announcement yet.

Vpn nat

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Vpn nat

    Guide me on the following please..

    1.establishing a Static NAT for a machine to be accessed outside

    2.We need to establish a VPN with a separate organization.However, they are requesting we change our internal subnet from 192.168.8.0/24 to another one like for example 192.168.1.0

    So am not sure of every time we need to establish a VPN with an external entity we will need to be making this changes.

  • #2
    Re: Vpn nat

    Since my crystal ball is on the blink (again ) a tiny clue what equipment (presumably Cisco) is involved would probably help.

    Of course other contributors may have working psychic powers, so may not need this information
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Vpn nat

      offcourse its cisco Tom.
      Why the satire..

      Comment


      • #4
        Re: Vpn nat

        Because satire (not to mention sarcasm) is a high form of comedy and greatly unappreciated

        I suppose I really meant (but didn't actually say ) what models of Cisco equipment are in use.
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Vpn nat

          The cisco models are cisco 2800

          Comment


          • #6
            Re: Vpn nat

            any help on this?

            Comment


            • #7
              Re: Vpn nat

              Originally posted by pope View Post
              1.establishing a Static NAT for a machine to be accessed outside
              Are we talking port forwarding or do you have a dedicated public IP address for this internal host?

              Originally posted by pope View Post
              2.We need to establish a VPN with a separate organization.However, they are requesting we change our internal subnet from 192.168.8.0/24 to another one like for example 192.168.1.0

              So am not sure of every time we need to establish a VPN with an external entity we will need to be making this changes.
              That's the problem with RFC 1918 addresses, they are used everywhere. Which is why you should at the very least stay clear of the most commonly used subnets, like 10.0.0.0/24, 10.10.x.x/24 and more or less the entire lower half of the 192.168.0.0/16 block. A subnet from the 172.16.0.0/12 block is somewhat less likely to cause conflicts, but of course, it could still happen.

              Rather than renumbering your network, you could try NATing your internal network behind the network suggested by the external entity, but that probably wouldn't be enough. The reason the other organization wants you to switch is that they are using that network themselves. Not only would you have to NAT your own network behind another network, you'd need to NAT their network behind yet another network as well.

              I'd renumber the network if I were you, and I would also seriously consider getting a small public network to use as endpoint for VPN connections.

              Comment

              Working...
              X