Dynamic Nat

Unanswered Question
May 13th, 2007
User Badges:

Hello Everyone, First off I want to say this is my first time posting so sorry if I mess something up. I am just beginning, I have purchased a Cisco 871W router and trying to solve a problem. How my current network is set up I have a Network A: 192.168.46.0/24 and Network B 10.47.1.0/24. The 871W router Lan is on Network B and Wan is on Network A. I want to create it to where whenever an IP address is given out on the Lan it will request one from the Wan. The problem is I can't use a present Range. How I have it set up now I have a range:

ip nat pool TestOutside 192.168.46.150 192.168.46.254 netmask 255.255.255.0

ip nat inside source list 5 pool TestOutside

access-list 5 permit 10.47.1.0 0.0.0.255

The problem with that, is there is a chance that the DHCP server can still give out the ip: 192.168.46.151 and I don't want that to happen. If I can get it to where it knows just to get another IP from the DHCP server it will be great. Thanks for the help and sorry for any mistakes I might have made.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Hello,


It is a bit unclear what you want to achieve.

Can you send a diagram about how your netwrok looks. My impression is you want to avoid that the DHCP server on the WAN interface assign the 192.168.46.150 192.168.46.254 range to hosts other than the router. If the DHCP server is a Cisco router than you can configure "ip dhcp excluded-address" if not I think that somehow can be configured in that way.

Anyway your NAT config is not the best because you try to translate a /24 to 104 addresses without overloading. It is one thing but no problem until less than 104 hosts want to communicate outside.


Hope this helps

philip.bonner Mon, 05/14/2007 - 06:39
User Badges:

Internet ->Cable Modem->[WAN]Router A[LAN]->

[Network A]

Computer A

Switch A

Computer B

[Wan]Router B[LAN]-> [Network B]

Computer C

Computer D

Network B is mainly used as a testing network and so it will never have over 50 computers. The reason I need this is because Router A has a restriction on the amount of bandwidth each IP. So when I do have 50 computers connected it appears to Router A that 1 IP address is 50 times the normal bandwidth.

Well, so you have cascaded the 871W (RouterB) to the other router and the hosts connected to router B's LAN will be one-to-one translated to the address range on RouterA's LAN right?

So your problem is that how to avoid that RouterA to assign an IP address for a host on from the pool set on RouterB right?

philip.bonner Mon, 05/14/2007 - 07:17
User Badges:

I want it to be that if Router B gives out an IP address that it will request an IP address from Router A to use for a direct one to one Ratio. So Router B gives out an IP address of 10.47.1.4 I then want Router B to ask Router A for an IP Address and then in the Nat translations it would be 10.46.1.4 (internet) to 192.168.46.* (where * can be anything 1-254)(external). That make more sense?

Yes it is getting clear :)

I'm afraid it cannot be configured in this way. The routerB won't be able to "ask" for an address. But I have another idea.

Configure routerB to run DHCP on its WAN interface with default gateway set to routerA's LAN IP addr. In this way you will have more control on the addresses assigned on NetworkB by means of DHCP. You still have to configure the excluded addresses on RouterB so your router won't assign that addresses you want to be used for the outside address pool. Is it ok for you? Obviously you have to turn of the DHCP server in routerA.

philip.bonner Mon, 05/14/2007 - 07:36
User Badges:

Thank you for answering my question, the only problem is that situation wont work, Network A has to be Independent of Network B. So Router B could not issue the DCHP addresses. It has to be in a way that if we randomly remove Router B everything still works. But once again thank you for answering my question

philip.bonner Mon, 05/14/2007 - 13:36
User Badges:

The problem is Router A can not change, no matter what. So that there presents a problem. If it could change then I would expand the subnet to allow the static addresses. Basically creating two subnets in one.

And what if use overloaded NAT (inside addresses translated to one outside address by means of NAT/PAT). The outside address can be the WAN address of routerB. Here is link to see the how NAT works:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094831.shtml

You can do many things but if I understood you want to change the nat pool dynamically based on DHCP requests/replies either on LAN and WAN interfaces which is not possible.


Hope this helps,

Krisztian

Actions

This Discussion