NAT

devang_etcom · ‎01-09-2007

hi,

i am trying to bind the perticular TTY line port number with NAT for reverse telnet... so is it possible?

i tried it but it didnt work, but i want to make sure that it really possible or not...?

i tried to use

ip nat inside source static tcp 192.168.1.1 2003 172.16.1.1 2003 extendable

i have multiple tty line which is used by the reverse telnet to get the async data.

you can say i want to go for NAT for reverse telnet line...

so is it possible?

regards

Devang

tdrais · ‎01-09-2007

Saw your question before and didn't respond and had hoped someone else understood. I will give you my guess.

For some reason I am having problems knowing what you mean by reverse telnet.

If your traffic is coming into the router going out the tty to a async port it doesn't really matter what address you use. The router is smart enough to know that is one of his addresses. just put in a loopback for each address you want the router to use. If you want to force users to use particilar addresses with particular ports you can just a simple access list to restrict this.

Now if the traffic is orgianting from the async port or you want to nat the routers addresses in general it gets tricky.

You can put nat inside/outside statement on loopback addresses. This will generally make the nat work in one direct. The trick is the traffic the router creates himself bypasses most stuff including nat and outbound access lists. The way you get around this is to use a statement IP LOCAL POLICY ROUTE. This causs the traffic generated by the router itself to be policy routed. What you do is to policy route the traffic to a loopback interface. It now to the router appears the traffic came in that interface. Now if this loopback is defined as a inside interface and your other interface is outside the traffic will be natted as it leaves the router and returns.

Be very careful of the local policy route command it is very easy to make a mistake and your only option is to power cycle the router.

devang_etcom · ‎01-09-2007

hi tdrais,

thank you very much for your response but will you please simplify it more?

let me explain you my requirement properly.

i do have multiple async generator devices at one end and that async data can be read by the management software which is installed in host computer and all the host computer is at other side.

Asyncdevice---router1---internet---router2---Managementhost

so i want async data back after router2. it means router1 to router2 connectivity is IP connectivity and asyncdevice to router1 is async connectivity as well as router2 to managemnthost is again async connectivity. so you can say i want to tunnel the async data through IP network. one trick is STUN and BSTUN but i dont want to go for that as its increase the deployment cost (i can use it but its last option) so i am looking for the some cost effective solution for it.

one more thing here i have multiple asyncdevices connected to the same router1 for simplicity i explained you one in topology... so if we can use the async card of 16 line is also good.

waiting for your reply...

regards

Devang

sundar.palaniappan · ‎01-10-2007

Devang,

I don't know if you are still having the issue. Did you find a solution?

There might be a way to get this to work. Are the management hosts initiating the traffic or is it the async terminal that's originating the traffic.

Sundar

devang_etcom · ‎01-11-2007

hi sundar,

its async terminals that are generating traffic...

tdrais had tried to give good idea but still i am stucking in it.

can i have your email id or contactnumber so i can send you more details?

regards

Devang