12-20-2007 12:35 PM - edited 03-12-2019 05:53 PM
Can anyone tell me if the following nat is possible?
I have several ip addresses on the following network (192.168.34.0/24), which is the corporate network. Our firewall outside address is 192.168.64.11. Our dmz is 10.97.0.254, which connects directly to a VPN3000 that has a tunnel to a verizon wireless network. The only sa coming from our side of the tunnel can be 192.168.100.0/28. The far end wireless modems are on 192.168.33.0/24.
Can I have all 192.168.34.X addresses that come thru the firewall be natted to one address, for example 192.168.100.7? So if I was trying to telnet to 192.168.33.140 from 192.168.34.92, I want my sa to change to 192.168.100.7 and at the same time the guy in the cube next to me is telnetting to 192.168.33.141 from 192.168.34.118 and I want him to use 192.168.100.7 as well. Is this possible?
12-20-2007 02:11 PM
Hi Mark
Is 192.168.34.0 your inside network? And want it to be natted to 192.168.100.7 at DMZ interface if the traffic is to the network at the remote site of tunnel? If yes, this is possible, post your config with your anser.
Regards
12-21-2007 03:49 AM
No, .34.0 is on the outside interface. Using a static statement I can get 1 address to work. Also, at any one time 192.168.34.92 could need to get to 192.168.33.129, and then .141, and so on. I just want to be clear that any .34.X needs to be able to get to any 192.168.33.X and always use 192.168.100.7.
Attached is the config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide