01-06-2014 01:56 AM - edited 03-07-2019 05:23 PM
Dear friends,
I have a very small diagram regrding natting. R1<->R2, R2<->R3. I have configured static nat on the R2 router.
R1------------------------------------------R2-----------------------------------------------------R3 200.1.1.1
f0/0-10.1.1.1 10.2 f0/0-20.1 20.2
Configuration Below:
ip nat inside source static tcp 10.1.1.1 1080 10.1.1.5 23 extendable
If I want to access R3's loop back address how I will access and from R3 how I will access to R1.
Ex: Telnet 200.1.1.1 like this
And what is the use of Extendable here????????
Please help!!!!!
Regrads,
Sanjib
01-06-2014 03:27 AM
Sanjib
From R1 you would just telnet to 200.1.1.1 on R3. R1's IP address will appear as 10.1.1.5 so you need to make sure there is a route on R3 for this IP. If you are using 10.1.1.0/24 between R1 and R2 only R3 would need to have a route for that subnet as R2 is locally connected.
From R3 you telnet to 10.1.1.5 but that would change the port number to 1080 and R1 will not respond in terms of telnettting in. You could also still telnet to 10.1.1.1 and that would allow telnet.
If you want to telnet to 10.1.1.5 from R3 and still get in then change your NAT statmement to use TCP port 23 on both IPs.
The extendable keyword is used, for example, where you map the same local IP to multiple global IPs and the router needs to do a full translation to keep track of which global IP is being used. So i don't think it is needed in your configuration but i don't have anything to test with to be absolutely sure.
Jon
01-06-2014 05:02 AM
Dear Jon,
I tried to telnet 200.1.1.1 but unable to access:
On R2:
ip nat inside source static tcp 10.1.1.1 1080 20.1.1.5 23
On R1:
R1#telnet 200.1.1.1
Trying 200.1.1.1 ...
% Connection timed out; remote host not responding
Mar 1 00:06:29.855: IP: tableid=0, s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1 (Loopback1), routed via RIB
*Mar 1 00:06:29.855: IP: s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1, len 44, rcvd 4
R3(config)#
*Mar 1 00:06:31.835: IP: tableid=0, s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1 (Loopback1), routed via RIB
*Mar 1 00:06:31.835: IP: s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1, len 44, rcvd 4
R3(config)#
*Mar 1 00:09:15.931: IP: tableid=0, s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1 (Loopback1), routed via RIB
*Mar 1 00:09:15.931: IP: s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1, len 44, rcvd 4
R3(config)#
*Mar 1 00:09:17.903: IP: tableid=0, s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1 (Loopback1), routed via RIB
*Mar 1 00:09:17.903: IP: s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1, len 44, rcvd 4
R3(config)#
int f0/0
ip add 10.1.1.1 255.255.255.0
no shut
ip route 0.0.0.0 0.0.0.0 10.1.1.2
int f0/1
ip nat outside
int f0/0
ip nat inside
exi
ip route 0.0.0.0 0.0.0.0 20.1.1.1
int f0/0
ip add 10.1.1.2 255.255.255.0
no shut
int f0/1
ip add 20.1.1.2 255.255.255.0
no shut
exit
ip nat inside source static 10.1.1.1 1080 20.1.1.5 23
ip nat inside source static tcp 10.1.1.1 1080 20.1.1.5 23
int f0/0
ip add 20.1.1.1 255.255.255.0
no shut
int l1
ip add 200.1.1.1 255.255.255.0
exi
ip route 20.1.1.5 255.255.255.255 20.1.1.2
R1#telnet 200.1.1.1
Trying 200.1.1.1 ...
% Connection timed out; remote host not responding
On R3:
After debug Enabled:
Mar 1 00:06:29.855: IP: tableid=0, s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1 (Loopback1), routed via RIB
*Mar 1 00:06:29.855: IP: s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1, len 44, rcvd 4
R3(config)#
*Mar 1 00:06:31.835: IP: tableid=0, s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1 (Loopback1), routed via RIB
*Mar 1 00:06:31.835: IP: s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1, len 44, rcvd 4
R3(config)#
*Mar 1 00:09:15.931: IP: tableid=0, s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1 (Loopback1), routed via RIB
*Mar 1 00:09:15.931: IP: s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1, len 44, rcvd 4
R3(config)#
*Mar 1 00:09:17.903: IP: tableid=0, s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1 (Loopback1), routed via RIB
*Mar 1 00:09:17.903: IP: s=10.1.1.1 (FastEthernet0/0), d=200.1.1.1, len 44, rcvd 4
R3(config)#
Nat not working on R2
Please help?????
Configuration on R1:
int f0/0
ip add 10.1.1.1 255.255.255.0
no shut
ip route 0.0.0.0 0.0.0.0 10.1.1.2
Configuration On R2:
int f0/1
ip nat outside
int f0/0
ip nat inside
exi
ip route 0.0.0.0 0.0.0.0 20.1.1.1
int f0/0
ip add 10.1.1.2 255.255.255.0
no shut
int f0/1
ip add 20.1.1.2 255.255.255.0
no shut
exit
ip nat inside source static tcp 10.1.1.1 1080 20.1.1.5 23
Configuration On R3:
int f0/0
ip add 20.1.1.1 255.255.255.0
no shut
int l1
ip add 200.1.1.1 255.255.255.0
exi
01-06-2014 05:11 AM
Sanjib
My apologies, with this statement -
ip nat inside source static tcp 10.1.1.1 1080 10.1.1.5 23
it will only work from R3 to R1 because you are doing port translation and so when you telnet from R1 unless the source port is 1080 then the NAT is not applied.
If you want to telnet both ways then you need to change your NAT statement, so remove the ones you have and add this -
ip nat inside source static 10.1.1.1 10.1.1.5
this NAT statement will allow you to telnet both ways and translate the 10.1.1.1 IP to 10.1.1.5.
Jon
01-06-2014 10:09 AM
Dear Jon,
Still it is not working from R3 to R1...
R3#telnet 20.1.1.5
Trying 20.1.1.5 ...
% Connection refused by remote host
Nat Configuration on R2:
R2(config)#ip nat inside source static tcp 10.1.1.1 1080 20.1.1.5 23
Is there any method to change the source port while accessing any other device????
And how to access R3 from R1 by using port address translation like above statement.
Please help Jon!!!
Regards,
Sanjib
01-06-2014 11:11 AM
Sanjib
I'm trying to help but you need to read what i am saying. You cannot use the NAT statement you have because telnet is port 23 but you are changing it to port 1080 which is not telnet so R1 won't answer. If you want to only telnet from R3 to R1 -
ip nat inside source static tcp 10.1.1.1 23 20.1.1.5 23
but that would then not work it you telnet from R1 to R3 because the source port will not be 23 so the NAT translation will not take effect.. If you want to telnet both ways then you need to remove the ports from yout NAT statement -
ip nat inside source static 10.1.1.1 20.1.1.5
If you wanted to access R3 by using port address translation you would need to specify the source port. I don't think is possible with IOS. The use of port forwarding in IOS is used generally from outside to inside and not the other way round.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide