NAT a single address across WAN

Answered Question
Dec 4th, 2007
User Badges:

Greetings,


I need to NAT a single IP address from network A across the WAN to network B using two routers attached to a T1. Example - IP:10.1.5.47 on NetA becomes IP:172.16.10.79 on NetB.


Network B is also the default Internet gateway for network A. Is this simple to do? Thanks.

Correct Answer by ccbootcamp about 9 years 5 months ago

put the nat statement on your netb router:


ip nat inside source static 10.1.5.47 172.16.10.79


interface FastEthernet1/0

ip nat out


interface Serial2/0:0

ip nat in


remove the nat statement on NetA.


that should do it.


-brad

www.ccbootcamp.com

(please rate the post if this helps!)



Correct Answer by Jon Marshall about 9 years 5 months ago

Yes, it will only NAT that one IP address, all other traffic will not get Natted.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Jon Marshall Tue, 12/04/2007 - 06:48
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


ip nat inside source static 10.1.5.47 172.16.10.79


On router connected to network A


int fa0/0

ip nat inside


int fa0/1

ip nat outside


where fa0/0 is the interface connecting to the internal network A and fa0/1 is the interface connecting this router to the router with network B on it.


HTH


Jon

iholdings Tue, 12/04/2007 - 06:57
User Badges:

Thanks for the prompt reply Jon.


So ... this will only NAT the single IP address coming from NetA and not all IPs correct? Forgive my ignorance.

Correct Answer
Jon Marshall Tue, 12/04/2007 - 06:58
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Yes, it will only NAT that one IP address, all other traffic will not get Natted.


Jon

iholdings Tue, 12/04/2007 - 08:00
User Badges:

Jon,


Thought this work serve my needs - but I've been told the user can't see past the internal netA


Here's what I have on the NetA router:


interface Ethernet0/0 [interface to NetB]

description BRIDGE connection to FOX 7206 - Fast4/0

ip address 10.1.51.2 255.255.255.252

no ip directed-broadcast

ip nat outside

ip route-cache flow


interface FastEthernet2/0 [NetA interface]

description LAN interface

ip address 10.1.7.1 255.255.252.0

no ip directed-broadcast

ip nat inside

ip route-cache flow

full-duplex


ip nat inside source static 10.1.5.47 172.16.10.79


any idea why this wouldn't work per your suggestions?



Jon Marshall Tue, 12/04/2007 - 09:51
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Can you post a "sh ip nat translations" from the router.


the 10.1.5.47 is entering the router in the fa2/0 interface ?


Also does the router at the far end know how to route back to 172.16.10.79 ?


Jon

ccbootcamp Tue, 12/04/2007 - 10:03
User Badges:
  • Gold, 750 points or more

do the devices on the other side of NetB have a route to 172.16.10.79? you got a visio of the network?


-brad

http://www.ccbootcamp.com

(please rate the post if this helps!)

Jon Marshall Tue, 12/04/2007 - 10:04
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Brad


The devices on NetB don't need a route to 10.1.5.47 as this will have been Natted to 172.16.10.79.


Jon

ccbootcamp Tue, 12/04/2007 - 10:10
User Badges:
  • Gold, 750 points or more

lol...you replied too quickly. :)


-b

Jon Marshall Tue, 12/04/2007 - 10:12
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

I know, and now my post looks like i'm losing my marbles if anybody else reads it :)


Jon

iholdings Tue, 12/04/2007 - 10:39
User Badges:

Hi all. Thanks for taking up my cause.


Here is a simple drawing of the networks. The two networks use EIGRP to route between. The router listed on the inside network - NetB (172.16.10.200) is where the host with 10.1.5.47 needs to get to - but that router only accepts connections from hosts in the 172.16.10.0 subnet - hence the need for the NAT.


Here is the output from your request:


COPA_WAN#sho ip nat translations

Pro Inside global Inside local--- 172.16.10.79 10.1.5.47


and the Outside global and Outside local are blank.


Let me know if you need more data.


Thanks.

ccbootcamp Tue, 12/04/2007 - 10:44
User Badges:
  • Gold, 750 points or more

so you are trying to have an address on NetA router show up on NetB with using an ip address from the NetB ip subnet? That won't work. If you want to do something like that, you'd have to setup a bridge or setup NAT on the NetB side router, not the NetA side router.


show us your configs for both routers. i'll reply with the config you need on NetB side router.


-brad

http://www.ccbootcamp.com

(please rate the post if this helps!)

Correct Answer
ccbootcamp Tue, 12/04/2007 - 11:25
User Badges:
  • Gold, 750 points or more

put the nat statement on your netb router:


ip nat inside source static 10.1.5.47 172.16.10.79


interface FastEthernet1/0

ip nat out


interface Serial2/0:0

ip nat in


remove the nat statement on NetA.


that should do it.


-brad

www.ccbootcamp.com

(please rate the post if this helps!)



iholdings Thu, 12/06/2007 - 04:54
User Badges:

Brad-


Awesome!! Works like a charm.


Thanks both to you and Jon for all your help!!

Actions

This Discussion