Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 196
  • Last Modified:

Desperately trying to understand Nat

I'm setting up a Cisco 2600 series router that will connect two sites together with a private line.  Each client wants to use their own block of IPs to access certain systems, so client #1 has dedicated 12.4.xxx.xxx (not sure why but the customer has chosen to use public IPs)to access customer #2 fileserver and 12.4.xxx.xxx to access customer #1 mail server.  Customer #2 wants to translate their IPs to a private IP address before allowing it to route internally.  So the picture looks something like this:

Customer #1 ---->12.4.xxx.xxx  ---->Customer #2 ---->192.168.xxx.xxx ---->System #1

Call me simple-minded but natting has always been a little confusing to me.  I'm not sure where to do the natting here, on both routers or just one?  Am I changing the source Address or the destination address?  I hope this makes sense.....
0
sunny10
Asked:
sunny10
  • 2
1 Solution
 
QuetzalCommented:
NAT will only apply to Customer #2.    You can configure the router in two ways.  (1) associate a unique public ip addr with a private addr, (2) associate a single public ip addr with multiple private addr's but forward specific ports to specific private addr's.  You could mix both modes too.  Method #2 is commonly referred to generically as NAT.

In method 1, the private ip addr from Customer #2 are changed to the public ip addr.  Traffic to Customer #2 will change the destination addr.  Traffic from Customer #2 will change the source addr.  The source and destination ports will not be translated.

In method 2, the combination of the private ip addr/port number from Customer #2 is changed to a unique combination of public ip addr/port number.  Traffic to Customer #2 will change the destination public ip/port to private ip/port.  Traffic from Customer #2 will change the source addr.  Port forwarding affects only traffic to Customer #2.  Traffic to the destination public ip/fwded port will be changed to the private ip/port specified in the forwarding rule.  Note that the source and destination ports are translated.
0
 
QuetzalCommented:
In method 2, the third sentence should read: Traffic from Customer #2 will change the source private ip addr/port to public ip/port (where the public ip port will be unique to all open connections at the time of the packet transmission).
0
 
sunny10Author Commented:
ok, so I created a route-map on customer #2's router.  the route map looks at the source and destination address coming from customer #1 and hands out an address based on the access-list.  I placed 'ip nat inside' on the E0 interface and 'ip nat outside' on the serial port.  Do I need to create a route-map on customer #1's router as well, or does the ip source outside take care of translating it back to its original source address?  The route map isn't working right now but I think it has to do with the firewall and not the list (I think).
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now