NAT question

Unanswered Question
Dec 17th, 2009

I have one router with 2 interfaces that go to 2 differenet routers but the 2 routers terminate on the same

distant end network.  Actually one is primary and the other is secondary, so the router with 2 interface

we will call chirt4 and the other two routers that it connects to we will call V1(primary) V2(secondary)

Also chirt4 has 2 other interfaces that connect to other locations as well.

source --->IP NAT IN chirt4---> has connection to V1 and V2 both interfaces are IP NAT IN

                                             inter 3 connection interface is IP NAT OUT

                                             inter 4 connection interface IP NAT OUT

Ok the problem is because the souce interface is IP NAT in and the connection to V1 and V2 are also

IP NAT in when I attempt a connection it will not work becuase the translastion never occurs because

of the source and the connnection to V1 and V2 are both IP NAT IN

So if I change the interface for V1 and V2 to IP NAT OUT the connection works as the NAT occurs

and sends it out the right way.  But the problem with this is that I also break connections for inter3 and 4

because now traffic the comes in from V1 and V2 destin for inter 3 and 4 doesn't NAT anymore due to

the interfaces being a NAT OUT.

Solution or what I think is a solution:

What I was thinking is that since V1 and V2 terminate on the same distant end location what I wanted to

do is leave everything as is but on the secondary link V2 change that to IP NAT out and accept/advertise

the subnets that I want to get to and that needs NATTing so it will look something like this:

source --> IP NAT IN  chirt4 --> V1 IP NAT IN

                                              V2 IP NAT OUT

                                              inter 3 IP NAT OUT

                                              inter 4 IP NAT OUT

so now my existing connectivity will continue to work over the primary and the new connectivity/NATs

I can advertise/NAT out of the secondary connection.  Does that sound feasable to do?  Unfortunatly I don't

have a test system to try this on so wanted your advice.  Thank you in advance!!!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion

Related Content