Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Inside-Inside NAT On A Router?

Is it possible to configure a router to do an Inside-Inside NAT? In other words, say a system on LAN 10.1.1.X sends out a packet destined for 10.1.2.2 (using class C subnet masks), can the local router be configured to NAT that address to a 10.1.1.X address and send the packet back to a device on that network?

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: Inside-Inside NAT On A Router?

If I understand what you're trying to achieve correctly, you're trying to allow internal hosts to access their NATed IP addresses.

The answer to the inside-inside question is not directly. However, depending on what addresses you are translating the internal hosts to and where those blocks exist on your router (on a loopback, on outside interface, or routed to null, etc..) you could take a look at implementing a modified NAT on a stick scenario. For instance, if you were to route the blocks of the outside IPs to a looped next hop, you could renat the packets that come back in the loopback interface back to the target address. Basically, what you have to create is a situation where the packets coming from your real internal IP block leave the router after being NATed to their global source IP through an outside interface and then return back through an outside interface (having a source IP of the global IP).

Take a look at this document:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094430.shtml

Hope this helps.

2 REPLIES
Community Member

Re: Inside-Inside NAT On A Router?

If I understand what you're trying to achieve correctly, you're trying to allow internal hosts to access their NATed IP addresses.

The answer to the inside-inside question is not directly. However, depending on what addresses you are translating the internal hosts to and where those blocks exist on your router (on a loopback, on outside interface, or routed to null, etc..) you could take a look at implementing a modified NAT on a stick scenario. For instance, if you were to route the blocks of the outside IPs to a looped next hop, you could renat the packets that come back in the loopback interface back to the target address. Basically, what you have to create is a situation where the packets coming from your real internal IP block leave the router after being NATed to their global source IP through an outside interface and then return back through an outside interface (having a source IP of the global IP).

Take a look at this document:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094430.shtml

Hope this helps.

Community Member

Re: Inside-Inside NAT On A Router?

Hey thanks a lot, that's a very handy suggestion and the document is helpful too. Too bad I didn't think of that before. I'll try it out tomorrow. Thanks again!

141
Views
0
Helpful
2
Replies
CreatePlease to create content