Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
338
Views
0
Helpful
2
Replies

Conditional outside NAT??

Sonugnair_2
Level 1
Level 1

‎02-28-2007 05:32 AM - edited ‎03-03-2019 03:58 PM

i have a scenario like this:-

There are 3 companies A,B and C. The WAN connection is thru ISDN BRI links(1841 routers).Traffic from A has to travel to B and C. When traffic enters form A to B lan source ip of packets should appear as it is. But when traffic is headed for C the source ip address of packets from A have to be hidden. ie depending upon the destination the source ip's have to be as it is or hidden. Is this possible?. Is outside nat the solutoin. Pls help!!

Thanks and regards

Sonu

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎02-28-2007 05:44 AM

Hi Sonu

On router A you can use a route-map to NAT when traffic is going to C

eg

Your router at Site A has an inside interface which connects to your internal network - fa0/0

& an external interface that is used to get to the remote site - fa0/1

Site A subnet is 192.168.5.0/24

Site C subnet is 172.16.5.0/24

access-list 101 permit ip 192.168.5.0 255.255.255.0 172.16.5.0 255.255.255.0

access-list 101 deny ip any any

route-map hide permit 10

match address 101

ip nat inside source route-map hide interface fa0/1 overload

On the inside interface fa0/0 -

ip nat inside

on the outside interface fa0/1

ip nat outside

What the above will do is if traffic from site A ( 192.168.5.0 ) goes to site C (172.16.5.0 ) it will get Natted to the IP address of the fa0/1 interface on your router.

If the 192.168.5.0 subnet goes to any other place or any other traffic going from inside to outside on your router this will not get Natted.

Does this make sense ?

Jon

0 Helpful

Sonugnair_2
Level 1
Level 1
In response to Jon Marshall

‎03-01-2007 08:24 AM

Hi,

Thanks,

Routers for company A & C are not under my control.As such i have to implement this using B's (my company's) 1841 router using outside nat & route maps ie if it is possible.

A's src ip = 10.15.215.101

C's src ip as seen by A = 172.29.41.10

C's src ip as seen by B (my company) = 10.1.5.197

B's (my company) LAN ranges:- 10.10.9.X

10.50.12.X

ie 10.1.5.197 has been NATed to 172.29.41.10

The requirement is:-

When traffic from A (10.15.215.101) goes to 172.29.41.10 (C) its source ip ie 10.15.215.101 has to be changed to 10.50.12.X.(to appear as though it is sourced from our LAN)

But when traffic from A(10.15.215.101) goes to our LAN its source ip has to remain as such.(obvious)

I want to know if this is possible by configuring our 1841 router having IOS 12.3, without doing anything on other routers.The connection between the routers is by ISDN BRI.Please advice as to how this can be overcome !

Thanks & regards

Sonu

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card