Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
331
Views
4
Helpful
1
Replies

Complex NAT question Cisco 3825 and DS-3

adamcball
Level 1
Level 1

‎03-29-2007 08:02 AM - edited ‎03-03-2019 04:21 PM

I have what to me is a complex NAT question.

I have a Cisco 3825 with a DS-3 and two GigE connections. I have one GigE set to my internal LAN and the other to my DMZ.

I have a /25 set of public IP's.

My provider does not route the IP given to the serial interface.

Here is the real question, can I NAT the serial interface with one of my public IP's and still be able to use static NAT's for specific addresses on my two GigE interfaces?

The reason I want to do this is that I can use the 3825's VPN capability. Currently I have it setup so that I use a NAT pool on the LAN side and static NAT's on the DMZ. Everything is working great except for the fact that I can't use the 3825 for a VPN server due to the fact that I can't get to the Serial IP from the outside.

Hopefully that makes sense, if not, I would be happy to provide more info and explanation.

Thanks,

Adam

Labels:
0 Helpful
1 Reply 1

paolo bevilacqua
Hall of Fame
Hall of Fame

‎03-29-2007 08:47 AM

Hi,

is not too complex. Disregard the serial interface address. Any of the public address on the router will work to terminate IPSec, as long no static NAT is using these address/ports. But it appears that you have none at the moment, your public addresses are only used for NAT pooling.

So, configure a free adresss as loopback interface in the router with mask /32.

Hope this helps, please rate all useful posts!

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card