Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1792
Views
0
Helpful
6
Replies

How to NAT in Cisco 2851

ljramos
Level 1
Level 1

‎03-30-2010 12:30 PM - edited ‎03-06-2019 10:23 AM

ELAN.gif

We have a 3 node ELAN (100 MBPS) with 2851 connecting 1 Main and 2 satellite offices(SO). The Main office is connected to a Private Network via Nortel devices and routed accordingly. But we need to be able to connect to devices in the Nortel PN from the 2 satellites offices. The Network Security liason at the PN does not allow routing to happen to this 2 satellites office because of segments are RFC1918. They have recommended to have traffic from this SO be NAT'ED into ip's from segment from Main office. Problem is I dont know how to do this? Can this be accomplished with this setup? Do I need another device to perform the NATing?

Thanks

Labels:
0 Helpful
6 Replies 6

Jon Marshall
Hall of Fame
Hall of Fame

‎03-30-2010 12:38 PM

Luis

Your diagram is not very clear. Is the 2851 meant to be represented by the 3 blue circles ?

Can you post an example of what you would like ie.

private address in satellite office =

address from your main site that you want to NAT the private address to =

You should be able to do this with your router, just need some clarification.

Jon

0 Helpful

ljramos
Level 1
Level 1
In response to Jon Marshall

‎03-30-2010 01:05 PM

Yes you are correct the 2851 are the blue circles

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to ljramos

‎03-30-2010 01:14 PM

Luis

Okay, lets assume the following -

private ip = 192.168.153.10

ip from main site to use for NAT  = 190.50.103.11  <-- note that this IP address must not be used for anything else -

on your 2811 router -

on the interface connecting to the 192.168.153.0/24 network eg. fa0/0

int fa0/0

ip nat inside

on the interface connecting to the 190.50.103.0/24 network eg fa0/1

int fa0/1

ip nat outside

then

ip nat inside source static 192.168.153.10 190.50.103.11

then the connection would be made to 190.50.193.11 from the Nortel side.

Jon

Cisco are currently donating money to the Haiti earthquake appeal for every rating so please consider rating all helpful posts.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to ljramos

‎03-30-2010 04:22 PM

Luis

Actually if all the blue circles are the 2811 then i made a slight mistake in the previous post.

You need to apply the "ip nat outside" command under the interface connecing to the serial connection ie. bottom right of your diagram eg.

int s0/0

ip nat outside

all the rest of the config is still correct. Apologies for that.

Jon

0 Helpful

ljramos
Level 1
Level 1
In response to Jon Marshall

‎03-31-2010 11:07 AM

Let me update the diagram

0 Helpful

ljramos
Level 1
Level 1
In response to ljramos

‎03-31-2010 12:30 PM


SO far I have done this

On R1

in GE 0/1

ip nat inside

On R3

in GE 0/1

ip nat outside

ip nat inside source static 192.168.153.60 190.50.103.239

Pro Inside global      Inside local       Outside local      Outside global
--- 190.50.103.239     192.168.153.60     ---                ---

Results ... from the Nortel side ping and tracert completes to 190.50.103.239, but cannot RDC to the server from the Nortel side

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card