Strange problem with NAT as possible solution

nic · ‎11-05-2002

I need to make a host on a remote network on our WAN act as if it was on our local LAN. I thought of using NAT to do this, but are not sure how to tackle the problem. Any advice please .....

steve.barlow · ‎11-05-2002

Look into "ip nat outside". Here is a link: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f8e.shtml

eg.

int s0

ip nat outside

!

int e0

ip add 11.11.11.1 255.255.255.0

ip nat inside

!

ip nat pool test 11.11.11.11 11.11.11.11 netmask 255.255.255.0

ip nat outside source list 1 pool test

access-list 1 permit 10.10.10.10

This makes 10.10.10.10 look like it has an IP of 11.11.11.11 (which is on the local subnet).

Hope it helps.

Steve

nic · ‎11-06-2002

Thank you Steve

It works like a dream!

I used:

ip nat outside source static 10.10.10.10 11.11.11.11

'cause it is only one host.

Also just had to add: ip route 10.10.10.10 255.255.255.255 s0

Thanks again

Nic

cpapilaya · ‎11-05-2002

You can use private ip adds in your internetwork such as 192.168.0.0 to 192.168.255.255 (class C) for your hosts adds and use one or more legally licensed adds , you can get this adds from your ISP, of course you have to pay for this adds. When you have the adds from your ISP, you can assign this adds on the router located on remote network on serial interface(S1) and assign ip adds using private ip adds on ethernet interface as a default routing. ex: "ip route 0.0.0.0 0.0.0.0 192.168.50.1" with 192.168.50.1 is the ip adds on ethernet interface of the router. This way, any ip adds which is not in your internetwork will be routed through internet, do the same thing on your router at main office.. But this is not recommend if you only use NAT router, its easy for somebody to break into your internetwork from internet, you must use CISCO's PIX firewall and/or use access-list on your NAT router. Hope can help..