Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Question on overlap-IP range within organization

Imagine my internal network-organization operates using IP=192.168.1.0/24.

Imagine I have a Department-in-another-corner-of-theworld using private address range 10.0.0.0/8.

Then My-Department-US has some hardcoded devices which require IP address in the range 10.0.0.0/8 in order to operate. Such devices should be placed behind a layer 3 device (router or switch) in order to contain broadcast traffics anyway.

That said, if I let this My-Department-US connect OK on 10.0.0.8/24 and I do #ip nat inside and I translate all inside local addresses on 10.0.0.8/24 using an 'inside global' 192.168.1.0/24 do you see any technical or practical issue in which I should prevent them from using such 10.0.0.0/24 behind this layer 3 device? Just because that IP address range 10.0.0.0/24 conflicts with the Department-inanother-corner-oftheworld that should not be a technical or practical issue to prevent this? Am I right?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Question on overlap-IP range within organization

It may or mayn't create problems and that depends on lot of factors. It's very hard to give a correct answer without knowing the whole topology and who is initiating the traffic etc. But, to be sure that you don't run into problems you would want NAT the users on both sides and ensure you have routes to get to the NAT IP range from the remote routers.

HTH

Sundar

4 REPLIES

Re: Question on overlap-IP range within organization

Hi,

Kindly check this document:

Using NAT in Overlapping Networks

http://www.cisco.com/warp/public/556/3.html

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Re: Question on overlap-IP range within organization

It may or mayn't create problems and that depends on lot of factors. It's very hard to give a correct answer without knowing the whole topology and who is initiating the traffic etc. But, to be sure that you don't run into problems you would want NAT the users on both sides and ensure you have routes to get to the NAT IP range from the remote routers.

HTH

Sundar

New Member

Re: Question on overlap-IP range within organization

hi Sundar,

how do you configure the route to point to the NATed range of IP? if I am using EIGRP, can I just add the NATed range into the EIGRP?

Thanks much,

pn

Hall of Fame Super Blue

Re: Question on overlap-IP range within organization

Hi Pn

Yes, that is exactly what you do. You can add a route for the Natted address range and redistribute it into EIGRP.

Jon

112
Views
5
Helpful
4
Replies