Ip nat

Unanswered Question
Nov 19th, 2008

One servers ip is 172.16.5.x this is connected through one path (path1) and secondary ip is 10.10.2.x through another path(path2)

Want to communicate to secondary ip as primary ip through path2.

1. LAN - Router1- Router - LAN-Server (172.16.5.x)

2. LAN - Router2 - VPN Device - VPN device - LAN - Server (10.10.2.x)

What should be the configuration in Router2

Pls extend your hand



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Davy Ad Thu, 11/20/2008 - 00:37

Hi Rezaul,

The best bet is to set default route in Router2

By Creating static route to R1



rezaul.karim Thu, 11/20/2008 - 04:41


Issue is slightly different. Server beyond the LAN can communicate with the both primary and secondary ip address of remote m/c through only by one ip address.This is the limitations of the application runnning of the host server.

So server will connect to the secondary ip (10.10.2.x) as primary ip (172.16.5.x) so i think ip nating has to enabled in R2

Pls help



rezaul.karim Sun, 11/23/2008 - 00:35


Swithcing server can identify the ATM server through the ATM ID. BUT only one ip can be put for one ATM ID. So the switching server can identify the ATM by only one IP.

Pls see the attachment

Now want to know the configuraton of Router2 as per attachment

Anyone help me



k.cherian Sun, 11/23/2008 - 02:39


One question that I would want to know is, does Router 2 have a route to reach the ip server? If so, then on he R2 we can configure a static nat config that will change the source ip to anything in the network. But then, you said it was using path1, why do u wanna change anything on R2?

Awaiting ur reply.

-/ Kiran

tcordier Sun, 11/23/2008 - 03:03

You need to take care of two issues: routing and NAT. For the routing you need to make sure that router 1 uses router 2 for the destination I assume that path 2 is a backup and should be used only when the path 1 is unavailable? If that is correct, you can add a static route to router 1:

ip route 200

This will trigger router 1 to use router 2 to reach only when no other route is available. You must also make sure that the ATM routes traffic to to the VPN device in situations where you want path 2 to be taken.

Then NAT. I would try to apply NAT outside on router 1, like this

ip nat outside source static

Then apply on router 1 on the interface towards the switching server, and on the interface towards router 2. Since the "outside" is towards router 2, packets will only get translated when they are routed over path 2, otherwise not.

You can not apply NAT outside on router 2 because router 2 will first lookup the destination address before translating, and router 2 has no route to

I hope I have correctly understood your situation, if not let me know. It would also be helpful if there are additional information about routing protocols.

HTH, Thomas


This Discussion