Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

NAT this NAT that

OK here’s the problem, I have five devices that need to send data to a DB server in my NOC. I also need to send data to these devices from my NOC. I have a Cisco router on the Remote LAN side and the Checkpoint firewall on the NOC side. The Cisco router connects to the Internet via a frame relay circuit on a 30-bit network. Every thing behind the router is NATed. At the NOC I have 26-bit network and we are using NAT here also. How do I get this to work?

Remote LAN Remote WAN


Host Devices DB Server

Did I mention that every thing needs to talk to port 20052?

Cisco Employee

Re: NAT this NAT that

you need 1 static nat entry for the server at the noc.

That's no problem with your amount of addresses.

For the remote site, if you need to access them from the Noc, you also need static nat entry, which is not possible because you don't have enough addresses.

You could use PAT static entry (1 TCP port is dedicated to 1 device ie: port 80 is dedicated to device X, and ports 21/20 to device Y).

If this does not solve your problem, you might need an ipsec tunnel between your 2 sites and just don't use NAT for internal traffic.

New Member

Re: NAT this NAT that


You must have a static valid IP address for the DB server at NOC(thats, then Your packet translations should happen this way:

source: -> natted source: ->FR Internet -> destined for the valid IP for at NOC Router) -> reached DB server.

in this scenario both the routers would be maintaining the NAT tables which includes layer 4 information as well.

You have to ensure that the checkpoint rule base allows the trafic to and fro.

It would work.

CreatePlease to create content