Issue is slightly different. Server beyond the LAN can communicate with the both primary and secondary ip address of remote m/c through only by one ip address.This is the limitations of the application runnning of the host server.
So server will connect to the secondary ip (10.10.2.x) as primary ip (172.16.5.x) so i think ip nating has to enabled in R2
One question that I would want to know is, does Router 2 have a route to reach the ip 10.10.2.1 server? If so, then on he R2 we can configure a static nat config that will change the source ip 192.168.5.145 to anything in the 10.10.2.0/24 network. But then, you said it was using path1, why do u wanna change anything on R2?
You need to take care of two issues: routing and NAT. For the routing you need to make sure that router 1 uses router 2 for the destination 172.16.5.145. I assume that path 2 is a backup and should be used only when the path 1 is unavailable? If that is correct, you can add a static route to router 1:
ip route 172.16.5.145 255.255.255.255 200
This will trigger router 1 to use router 2 to reach 172.16.5.145 only when no other route is available. You must also make sure that the ATM routes traffic to 192.168.5.145 to the VPN device in situations where you want path 2 to be taken.
Then NAT. I would try to apply NAT outside on router 1, like this
ip nat outside source static 10.10.2.1 172.16.5.145
Then apply on router 1 on the interface towards the switching server, and on the interface towards router 2. Since the "outside" is towards router 2, packets will only get translated when they are routed over path 2, otherwise not.
You can not apply NAT outside on router 2 because router 2 will first lookup the destination address before translating, and router 2 has no route to 172.16.5.145.
I hope I have correctly understood your situation, if not let me know. It would also be helpful if there are additional information about routing protocols.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...