asked on

cisco router configuration of nat routing for computers inside the router

I have a router that i am connecting to my corperate network(172.16.7.xxx) to set up a private network(10.10.10.xxx). The router is assigned an external static address of 172.16.7.50 and internally it has an address of 10.10.10.1. It uses DHCP and gives out addresses of 10.10.10.2 - 10.10.10.254 to internal computers using DHCP on the private network:

interface Ethernet0
ip address 10.10.10.1 255.255.255.0
ip nat inside
no ip mroute-cache
no cdp enable
hold-queue 32 in
!
interface Ethernet1
ip address 172.16.7.50 255.255.255.0
ip nat outside
no ip mroute-cache
duplex auto
no cdp enable

I also have some NAT entries defined in the router for example:

ip nat inside source static tcp 10.10.10.2 8888 interface Ethernet1 8888

This allows a program on the corperate network to open 172.16.7.50:8888 and that port is translated to 10.10.10.2:8888 on my private network. If i have a program on 10.10.10.2 that listens on port 8888 for connections everything works great.

Additonally from a computer in my private network say 10.10.10.3 I want to connect to 172.16.7.50:8888 (that is i would like the router to translate the address even if it is comming from an internal address).

When i used a linksys router (RV042 or BEFVP41) this worked fine. Now i am attempting this on a Cisco SOHO 91 (this router supports telnet and i want to change the configuration of the router programatically) i can open 172.16.7.50:8888 from a computer on the outside of the router (corperate network) but i cannot open 172.16.7.50:8888 from a computer on my private network (I can open 10.10.10.2:8888 from the private but i need it to be 172.16.7.50:8888 from the private network, so it goes through the router and the translation is provided).

What configuration settings do i need for my Cisco router to provide the same functionality the the linksys router provided (I am sure it can be done judging by the configuration settings from the cisco router under telnet).

ASKER CERTIFIED SOLUTION

JFrederick29

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

keith_gard

ASKER

Here is what i would like to do: On my private network i am setting up a load balancing solution (home brew). I was using the router to locate the main server for registration of other computers (they would register 1 every minute, this is not a performance sensitive communication and is only used by my internal server application). With the linksys router i would set up a nat entry that would specify one computer "main server" and the port to communicate on. For example if i set up the nat to route 172.16.7.50 port 8888 to my internal address 10.10.10.2. Then on each computer on the private network i would open port 172.16.7.50 and with the linksys router configured with the proper nat settings it would it would really open 10.10.10.2:8888. Each private server could then send socket based xml packets to the "main server" and register with the main server.

Again this works fine for the linksys routers.

Additionally I would like to change the main server by just changing the router nat settings. I would do this if "main server" fails by reconfiguring the router programatically (telnet). This forces me to look at cisco routers since they support telnet and i can change the nat via one of my functional servers (when they notice the main server is down). (BTW: for anyone who cares linksys RV042 says it supports telnet but really does not). However i cannot get the cisco router to apply the nat translation even if i use what i think is an external address 172.16.7.50.