Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NAT in Router

Hi

I did NAT with my router 2500 ,I can able to access out side world from my LAN.I am not able to get inside to LAN.My router is connected to PP link to other router where i had few serrvers. Is there any way to access my corporate LAN systems from ther other end router.

Thanks

3 REPLIES

Re: NAT in Router

Yes, in general this is possible. You did not give sufficient information on what you EXACTLY want to achieve so I am afraid that is all we can tell you for now. Please be a little more specific.

New Member

Re: NAT in Router

Thanks for your reply ,here is scenario:

LAN A--->ROUTER A<-----PP LINK(leased line)---->ROUTER B-->SWITCH(LAN B)--NS Fire Wall-->Inetrnet

LAN A is Corporate Private Network ,ROUETR A is NAT to access Internet thru PPP (Thru our Data center). ROUTER B is at our Data center and other end is connected to switch where i had some servers.I am able to access the servers at Datacenter(connected to SWITCH) .

My question is ,i am not able to access the systems at corporate,I can only ping them.(FYI: I tried access list it is over writing NAT ,,stops everytihing).

Your reply is appreciated.

Thanks

Bhoomaiah

Re: NAT in Router

It could be done like this:

Assuming 172.16 is LAN A and 10.1.2.0 is LAN B

>> define a NAT pool:

ip local pool natpool1 10.52.47.11 10.52.47.254

ip nat pool natpool1 10.52.47.11 10.52.47.254 netmask 255.255.255.0

>> access-list 102 defines interesting traffic:

ip nat inside source list 102 pool natpool1

!

>> exclude NAT for server-traffic:

access-list 102 deny ip 172.16.0.0 0.0.255.255 10.1.2.0 0.0.0.255

>> everything else is destined for Internet ans must be natted:

access-list 102 permit ip 172.16.0.0 0.0.255.255 any

This disables NAT for traffic between A and B and hence there should be connectivity.

281
Views
0
Helpful
3
Replies