Static NAT, Public to Private IP for Inbound/Outbound Connection

Answered Question
Nov 10th, 2009

Hi ,

I need to configure Cisco 1841 to translte public IP ( 95.141.153.100) to the private IP (10.0.0.253)and vice versa.I am using ADSL2, PPPoA and Dialer interface configured for NAT overload/PAT.

Public IP 95.141.153.100 sholud be translated to 10.0.0.253 which will use to build the VPN tunnel to the remote ofice.

To build the VPN from the remote office, remote office(sonicwall) will use public IP 95.141.153.100 but when it will hit the NAT router it should get translated to Private IP 10.0.0.253/24 which is a Sonicwall LAN IP.

Can you please advise if that is possible and what configuration is needed.

Diagram:

Remote Office----->Inernet----->C1841----->Sonicwall------>LAN Switches------PC/Servers

Do I ned to create two NAT statments, one for inbound and one for out bounds traffic? ANy sample config will help.

Will SonicWall be pingable from the internet using IP 95.141.153.100 ?

Many thanks for your time and support.

I have this problem too.
0 votes
Correct Answer by ohassairi about 7 years 1 month ago

in this example We need to publish many internal services (web, smtp, ftp…) using just one public IP address (171.68.1.1)

interface Ethernet0

ip address 192.168.0.254 255.255.255.0

ip nat inside

!

interface Serial0

ip address 171.68.1.1 255.255.255.240

ip nat outside

!

access-list 1 permit 192.168.0.0 0.0.0.255

ip nat inside source list 1 interface serial0 overload

!

ip nat inside source static tcp 192.168.0.5 80 171.68.1.1 80 extendable

ip nat inside source static tcp 192.168.0.6 25 171.68.1.1 25 extendable

!

ip route 0.0.0.0 0.0.0.0 171.68.1.254

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
ohassairi Sun, 11/22/2009 - 21:30

in this example We need to publish many internal services (web, smtp, ftp…) using just one public IP address (171.68.1.1)

interface Ethernet0

ip address 192.168.0.254 255.255.255.0

ip nat inside

!

interface Serial0

ip address 171.68.1.1 255.255.255.240

ip nat outside

!

access-list 1 permit 192.168.0.0 0.0.0.255

ip nat inside source list 1 interface serial0 overload

!

ip nat inside source static tcp 192.168.0.5 80 171.68.1.1 80 extendable

ip nat inside source static tcp 192.168.0.6 25 171.68.1.1 25 extendable

!

ip route 0.0.0.0 0.0.0.0 171.68.1.254

s.nasheet Mon, 11/23/2009 - 02:55

ohassairi ,

I got  the idea, thanks for the sample  config.

Regards

Actions

This Discussion