RE: NAT question

From: chrlewis@cisco.com
Date: Mon Sep 26 2005 - 22:47:30 GMT-3

• Next message: Duongla: "Re: IPV6 redistribution issue"
• Previous message: Scott Smith: "Re: NAT question"
• Maybe in reply to: Scott Smith: "NAT question"
• Next in thread: Vazman: "Re: NAT question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Yes, this will not work. I can see you have extended the logic of
defining inside source static translation when translating source
addresses one way, as one would typically do when using NAT to connect
to the internet. If you try to apply the same logic with outside source
translations, the translating router will source replies from itself
rather than forward the packet.

If you do a debug ip packet on the translating router, you should see
replies being sourced from local if you try pings from both ways.

The robust way to solve this is to have two completely separate
translations, say have R1 ping 172.16.3.3 and have that translated to
the real address of BB3, then have BB3 ping sat 200.1.1.1 and translate
that to the real address of R1. If this happens in the lab scenario, you
typically cannot just create staic routes for R1 and BB3 to be able to
send these packest towards R3, so you will have to choose destination
addresses that each router already knows about and that point towards R3
to get it working within the constraints of typical labs.

Chris

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Scott Smith
Sent: Monday, September 26, 2005 11:18 AM
To: groupstudy
Subject: NAT question

I'm attempting to allow BB3 and R1 to communicate with neither having a
route to the other.

When I ping from R1 to BB3 the translation works but no response is
received on R1. When I ping 204.12.1.20 from BB3 R3 replies (should
it??) and no translation is attempted. Would someone be kind enough to
tell me what I'm doing wrong?

R1 ---- R3 ---- BB3

R3 Config:

interface Ethernet0/0
ip address 128.1.0.3 255.255.255.0
ip nat outside

interface Ethernet0/1
ip address 204.12.1.3 255.255.255.0
ip nat inside

ip nat inside source static 204.12.1.254 128.1.0.5 ip nat outside source
static 128.1.0.1 204.12.1.20

R1 config:

interface Ethernet0/0
 ip address 128.1.0.1 255.255.255.0

BB3 Config:

interface Ethernet0/0
 ip address 204.12.1.254 255.255.255.0

--
Scott Smith

• Next message: Duongla: "Re: IPV6 redistribution issue"
• Previous message: Scott Smith: "Re: NAT question"
• Maybe in reply to: Scott Smith: "NAT question"
• Next in thread: Vazman: "Re: NAT question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:16 GMT-3