Best Practices for NAT systems

Unanswered Question
Aug 14th, 2009
User Badges:

I have a system that we NAT through a firewall. A partner whom we are setting up a VPN connection with only will accept registered IP addresses. The way our network is setup, I will have to NAT this address again to a public IP. So I am wondering what are the pro's/con's of doing this. If it is not a good idea, then I will engineer another way to set this up. Thanks!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Thu, 08/20/2009 - 07:43
User Badges:

There will not be any issue in converting the private addresses into a public IP address. the below document explains with an example in which the network manager has two ranges of IP addresses that are registered on the Internet. The network manager must convert all of the internal addresses, which are in the 10.0.0.0/8 range, into registered addresses. The ranges of IP addresses that the network manager must use are 172.16.1.1 through 172.16.1.62 and 172.20.1.1 through 172.20.1.254 .

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800b6e1a.shtml#multi_global

mwroten Tue, 08/25/2009 - 08:21
User Badges:

So it is safe to NAT this address twice? For example, we would NAT it from a 10.0.0.5 to 192.168.1.5 address. Then take the 192.168.1.5 and NAT that to a public registered IP address? Thanks!

Gerard Roy Tue, 08/25/2009 - 14:10
User Badges:

That will work with no problems as long as your doing nat and not pat.

mwroten Tue, 09/01/2009 - 08:22
User Badges:

Thank you very much for taking the time to assist me on my questions!

Actions

This Discussion