Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
604
Views
0
Helpful
3
Replies

NAT Redirection?

johnsont
Level 1
Level 1

‎08-25-2006 05:17 PM - edited ‎03-09-2019 04:01 PM

I am trying to figure out how to use NAT Redirection (that's what it's called on Linksys routers) on a Cisco 806.

I need for my inside host to be able to access my inside servers using the OUTSIDE address.

For instance, from my PC at 10.232.1.50 I need to be able to hit my server which is at 10.232.1.200 by using my external IP of 68.x.95.x (all required ports are forwarded to 10.232.1.200 and work just fine).

On the Linksys it is called NAT redirection but I can't seem to find anything explaining how to do it on a Cisco.

Labels:
Preview file
5 KB
0 Helpful
3 Replies 3

sundar.palaniappan
Level 10
Level 10

‎08-25-2006 07:52 PM

Hi,

I believe you can do this with a feature called NAT-on-a-stick. I don't have access to my lab gear at this time to test but I can see it working. You may need a config like the one below.

int lo0

ip add 10.0.0.1 255.255.255.255

ip nat outside

int e0

ip add 10.232.1.1 255.255.255.0

ip nat inside

ip policy route-map TEST

route-map TEST permit 10

match ip add 150

set int lo0

access-list 150 permit ip host 10.232.1.50 host 68.214.95.183

ip nat inside source static 10.232.1.200 host 68.241.95.183

Let me know if it helped.

Here's a CCO link that you can read to familiarize yourself with NAT-on-a-stick

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094430.shtml

HTH,

Sundar

0 Helpful

johnsont
Level 1
Level 1
In response to sundar.palaniappan

‎08-26-2006 11:03 AM

Sundar,

I tried the above, still no joy. Maybe you can simulate in the lab.

I have read over the CCO link but I am just not getting it.

I appreciate your help.

0 Helpful

sundar.palaniappan
Level 10
Level 10
In response to johnsont

‎09-05-2006 01:48 PM

Tony,

I realize the problem is the return traffic from the server to the client. The server would try to connect to the client using it's inside local address as the source IP and the client wouldn't accept it as it would be expecting the response from the server's global address.

Why is it the client need to connect to the server using the global IP instead of the local address?

Sundar

0 Helpful
Customers Also Viewed These Support Documents