This is the problem I have....
I have an access point that only has configuration settings available for IP address and subnet mask. It does not allow me to set a default gateway. As you would know this causes problem if I wish to administer this access point from a remote location on a different network.
I'm trying to take my router and perform some fancy NAT features to get this to work. Yes I know it would be cheaper to go out and get a new access point. But I thought it would be fun to see if this was possible.
Basically I need to take an available IP address on the outside interface. And translate this to my access point then I need to take my source IP address and translate this to an inside ip address on my router.
192.168.2.1 192.168.2.2 10.0.0.1 10.0.0.5
attempt to connect from pc to access point:
10.0.0.2 <---- 10.0.0.5
192.168.2.1 <--- 192.168.2.5
And then back...
192.168.2.1 ----> 192.168.2.5
translates back to...
10.0.0.2 ----> 10.0.0.5
Note: That all IP address above are static except for 10.0.0.5. This IP address is dynamic and would changed based on the system being used to administer the access point.
I have enabled the following debug:
ICMP packet debugging is on
IP NAT debugging is on
IP NAT detailed debugging is on
When I issue a ping 10.0.0.2 from my pc this is what I get on the router:
Jun 17 08:29:07.225: NAT*: o: icmp (10.0.0.5, 512) -> (10.0.0.2, 512) 
Jun 17 08:29:07.225: NAT*: s=10.0.0.5->192.168.2.5, d=10.0.0.2 
Jun 17 08:29:07.225: NAT*: s=192.168.2.5, d=10.0.0.2->192.168.2.1 
Jun 17 08:29:07.229: ICMP: echo reply rcvd, src 192.168.2.1, dst 192.168.2.5
It seems that the translation one direction works fine. And you even see the ping responding back from the access point. BUT it seems like this not translating back over to the outside interface.
Here is a show ip nat tran
Pro Inside global Inside local Outside local Outside global
--- 10.0.0.2 192.168.2.1 --- ---
--- --- --- 192.168.2.5 10.0.0.5
--- 10.0.0.2 192.168.2.1 192.168.2.5 10.0.0.5
I have played around for this for some time hope someone else can help out... Here is my full running config...
If I'm going at this all wrong please advise! Thanks!
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
memory-size iomem 25
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip audit po max-events 100
username cisco privilege 15 password 0 cisco
no ip address
ip address 192.168.2.2 255.255.255.0
ip nat inside
ip address 10.0.0.2 255.255.255.0 secondary
ip address 10.0.0.1 255.255.255.0
ip nat outside
no ip address
ip nat pool test2 192.168.2.5 192.168.2.5 netmask 255.255.255.0
ip nat pool wanip 10.0.0.1 10.0.0.4 netmask 255.255.255.0
ip nat inside source list 100 pool wanip overload
ip nat inside source static 192.168.2.1 10.0.0.2
ip nat outside source list 101 pool test2 add-route
no ip http server
no ip http secure-server
access-list 100 permit ip any any
access-list 101 permit ip any host 10.0.0.2
line con 0
modem autoconfigure discovery
transport input all
transport output pad udptn telnet rlogin ssh
line aux 0
line vty 0 4
line vty 5 15